On 12/06/2010 03:42 PM, Stephen John Smoogen wrote:
Ports that you don't know are open to the network but are somehow
available.
Let us put this conversation slightly different... how many of us
remember password-less package install? It all sounded like a good
idea with people who are going to be on the system already being able
to do what they want so why ask for a password. However how did it get
seen in the end? Fedora comes RootKit enabled and other fluff.
I am trying to think how this one will play out:
"Ten years ago, Linux distros were cutting edge by coming with a
firewall enabled. Now Fedora is going to cut the edge in a new way...
no firewall wanted."
Yes there are a lot of good ideas and reasons.. I think that first
though a tool to deal with firewalls and THEN we can talk about what
firewalls need to be removed.
[And no I am not trying for 2 weeks of LWN quotes as tempting it will
be. (alright alright I am .. it is just so addicting)]
Clearly we just need to word it differently. Linux has a firewall built
in, that nothing will come in until you bind to a port. We're just
removing the redundant extra firewall by default :)
(I'm not actually serious)
(I also don't really care if we have a firewall by default vs not, so
long as we're very clear in what the benefits are one way or another
(more than just ZOMG NEED FIREWALL), and we make it easy for expected
things to work and unexpected things to not work)
--
Jesse Keating
Fedora -- FreedomĀ² is a feature!
identi.ca:
http://identi.ca/jkeating