On Sat, 2005-12-17 at 07:41 -0500, Sean wrote: > > Well it can be handed off to a "root" process via dbus which imposes all > the necessary security. We don't want to make this an install time > option, especially for peer services like BT. You don't want a static > firewall rule for a process that is only running occasionally. No, what > you want is an appropriate firewall rule set only for the time that BT is > actually running. Anything else is a security risk in itself. Oh I see what you are saying. When trusted application foo is being run by user in trusted group bar (or open for any user) - the firewall will open ports xxxx to yyyy should foo request they be opened - for the duration that foo is running. That would be slick. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
