On Tue, 27 Aug 2019 at 14:25, <mcatanzaro(a)gnome.org> wrote:
On Tue, Aug 27, 2019 at 2:37 PM, Iñaki Ucar <iucar(a)fedoraproject.org> wrote:
There's no need to write "a new style of firewall". It would be as easy as
asking the user once whether a new connection is trusted or not. That's it.
But, well, how do you do that? What do you show to the user?
Windows shows a pop-up. I'm not a big fan of pop-ups though, but I
have better suggestions.
Right now (I'm talking about KDE, sorry), when I click the NM applet
in my taskbar, I see the WiFi networks available. Ok, suppose that I
want to connect to a new one. I see the name of the network, a
"Connect" button and, if it's a closed network, a password prompt. The
only additional thing I miss there is a switch that says
trusted/untrusted. That's it. Possibly with a short context help
message when I place the cursor on top of it which says that trusted
means that I'm at home, and I possibly want to share resources, and
untrusted means that I'm at a cafe, airport... and I prefer to stay
safe.
That's all it takes: a small green/red switch, saying
trusted/untrusted, and mapped to the proper firewalld zones. You don't
need firewall-config, you don't even need to know there's such a thing
as a "firewall" behind the scenes. You only know that home is trusted,
other places are untrusted.
Iñaki