trusted apps and trusted networks (was: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break)
Stephen Gallagher
sgallagh at redhat.com
Mon Jan 5 16:12:37 UTC 2015
On Mon, 2014-12-22 at 23:24 +0100, Kevin Kofler wrote:
> Stephen John Smoogen wrote:
> > User A wants to be notified of all programs opening ports even if he is
> > going to whitelist them.
> > User B does not want to be notified and could care less about security.
> > etc.
>
> User C does not want to be notified either, but just wants everything
> blocked silently.
I doubt that User C *as described* exists. I suspect you meant "User C
does not want an interactive notification. They want things to be
blocked and logged appropriately, so that if things are not behaving as
expected, they can find out why and what they would need to change to
get it working again".
I'd argue that something similar to the SELinux Troubleshooter would be
a useful solution here, if interfaces could be added to support it.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20150105/e7000897/attachment.sig>
More information about the devel
mailing list