<div dir="ltr">Just forgot one detail here: if it becomes a rquirement that connections to services installed on Fedora Desktop are tunneled through SSH, I believe that this will create much more difficulties for users than managing a firewall would.<div><br></div><div>-- Peter (again-agan)</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Dec 12, 2014 at 8:28 PM, Peter Laursen <span dir="ltr"><<a href="mailto:jazcyk@gmail.com" target="_blank">jazcyk@gmail.com</a>></span> wrote:<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">I cannot figure out how to get access to the ticket. I am also not sure I am interested in yet another such account. I have more than enough accounts and subscriptions already spamming my mailbox. So I hope it is OK that I reply in this mail thread instead.<div><br></div><div>If I understand the discussion, it was a decision in an early stage of Fedora 21 Desktop development that it should not have a User Interface for firewall configuration. And I think this is the basic problem and mistake. I cannot see how usability and security can be achieved at the same time without it Even though it is not a server platform, you may still want to run server programs on it (typicaly for access by other systems on local network). I can think of (at least):</div><div>* a test or learning instance of any database server<br></div><div>* all sorts of file servers</div><div>* media streaming services</div><div>.. and they will all require the port where the server listens to be open.</div><div><br></div><div>I think a very simple User Interface for firewall configuration should be added. It could be as simple as just allowing for opening of specific ports. I also don't think it will cause problems. People can manage firewall(s) in Windows. Dont' assume that users are more helpless than they are (that is/was Ubuntu's mistake IMO).</div><div><br></div><div>(and as a final remark the security issue is close to NULL for al the people running FD21 in a virtualized environment or behind a router. They will have the protection from the host OS or the router. But some people still use various types of modems and not routers of course)<br></div><div><br></div><div><br></div><div>-- Peter</div></div><div class="gmail_extra"><div><div class="h5"><br><div class="gmail_quote">On Fri, Dec 12, 2014 at 3:09 PM, Paul W. Frields <span dir="ltr"><<a href="mailto:stickster@gmail.com" target="_blank">stickster@gmail.com</a>></span> wrote:<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">FYI: <a href="https://fedorahosted.org/fesco/ticket/1372" target="_blank">https://fedorahosted.org/fesco/ticket/1372</a><br>
<br>
When responding to this ticket, please keep the discussion impersonal<br>
and objective as possible. We should plan to have a couple people at<br>
the FESCo meeting next week if this is on the agenda.<br>
<span><font color="#888888"><br>
--<br>
Paul W. Frields <a href="http://paul.frields.org/" target="_blank">http://paul.frields.org/</a><br>
gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717<br>
<a href="http://redhat.com/" target="_blank">http://redhat.com/</a> - - - - <a href="http://pfrields.fedorapeople.org/" target="_blank">http://pfrields.fedorapeople.org/</a><br>
The open source story continues to grow: <a href="http://opensource.com" target="_blank">http://opensource.com</a><br>
--<br>
desktop mailing list<br>
<a href="mailto:desktop@lists.fedoraproject.org" target="_blank">desktop@lists.fedoraproject.org</a><br>
<a href="https://admin.fedoraproject.org/mailman/listinfo/desktop" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/desktop</a></font></span></blockquote></div><br clear="all"><div><br></div></div></div><span class="HOEnZb"><font color="#888888">-- <br><div>Hilsen / Regards<br><br>Peter Laursen</div>
</font></span></div>
</blockquote></div><br clear="all"><div><br></div>-- <br><div class="gmail_signature">Hilsen / Regards<br><br>Peter Laursen</div>
</div>