allowing programs to open ports

[Bastien Nocera]

----- Original Message -----
> Björn Persson wrote:
> > I bet! I worry that the questions would quickly become annoying. But if
> > ports are going to be blocked by default, then there needs to be some
> > way for non-sysadmin users to open them.
> 
> No, why? The ports just need to be closed, period. Non-sysadmin users
> shouldn't be allowed to open any ports.

Which leads to users being frustrated at the default firewall, which leads to
them throwing in the towel and disabling the firewall altogether, leading to
worse security.