<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<br>
<div class="moz-cite-prefix">On 12/09/2014 11:46 AM, Richard Hughes
wrote:<br>
</div>
<blockquote
cite="mid:CAD2FfiHd3UJsSaW8OUc2Rq-pigtpfizrr+xCyPzzsDvQaYnOyQ@mail.gmail.com"
type="cite">
<pre wrap="">I don't think it makes much sense for people to stamp their feet
saying "BUT I LIKED THE OLD WAY OF DOING THINGS" when the people
leading the workstation product have identified that the old way of
doing things just doesn't work for the majority of people. You're
probably not in that majority, but that doesn't mean the change is in
someway intrinsically flawed.
</pre>
</blockquote>
<br>
Nor does it mean that the change is intrinsically right!<br>
<br>
Every pro argument on the list about this has been because
"firewalls are hard" for most users. At the same time the release
notes are saying that the change is for developers (2.3.3) -- and
devoting half of the opening sentence to the media sharing use
case. If someone is a developer then they should have a hurdle
before opening their potentially dangerous code to the outside
world.<br>
<br>
The media sharing use case is really the crux here, and I appreciate
the issues involved. However, instead of turning off the firewall
to non-privileged ports, why not create a tool that opens the
involved ports that's driven by the user? That seems a much better
solution than disabling the firewall to make media sharing easier.
If it isn't ready, it should have been pushed to F22.<br>
<br>
The biggest problem I have with it is that it's a huge security
policy change that has a relatively tiny note in the release notes.
I know multiple people in my department (developers) will end up
with databases, tomcats, rails, and other network-based servers on
the open net because they didn't see the notice in the release
notes.<br>
<br>
Personally, I'll just add it to the "poor choices that fedora made
that I'll undo at install time" list. <br>
</body>
</html>