Proposed F19 Feature: firewalld Lockdown
Matthew Miller
mattdm at fedoraproject.org
Tue Feb 5 22:20:18 UTC 2013
On Wed, Jan 30, 2013 at 12:51:49PM +0000, Jaroslav Reznik wrote:
> This feature adds a simple configuration setting for firewalld to be able to
> lock down configuration changes from local applications.
> == Detailed description ==
> Local applications are able to change the firewall configuration. With this
> feature the administator can lock the firewall configuration and these
> applications are not able to modify the firewall anymore.
>
> The lockdown feature is the first part of user and application policies for
> firewalld and will be disabled by default.
Without this feature, the available changes users can make are not limited
in any way, right? That is, with current firewalld, any local user can
change the firewall without additional authentication?
Wouldn't we want this actually enabled by default?
--
Matthew Miller ☁☁☁ Fedora Cloud Architect ☁☁☁ <mattdm at fedoraproject.org>
More information about the devel
mailing list