Am 08.12.2014 um 17:17 schrieb Bastien Nocera:
> Am 08.12.2014 um 17:10 schrieb Bastien Nocera:
>>>> Security is about compromises. The net result of the old firewall
>>>> settings
>>>> was people disabling the firewall.
>>>
>>> And the net result of the new firewall settings is you disabling the
>>> firewall for them,
>>
>> It's not disabled
>
> it is practically
>
> the only port unprivileged code can listen on is > 1024, you opened that
>
>>> The new firewall settings essentially amount to disabling the firewall.
>>
>> It doesn't
>
> it does
>
> the only port unprivileged code can listen on is > 1024, you opened that
And you're not interested in protecting any of the services running as root?
noah stop that polemic
i know /etc/services and hence i am interested in protecting *any port*
period - end of discussion - we will never agree and thankfully i gave
up maintaining any enduser machine years ago because i had enough of the
out-of-the-box security problems on windows systems and god bless that i
never started to recommend anybody use whatever OS
the machines i have to bother about are secured
*but* be sure that discussion is bookmarked if we read soon about damage
done by careless defaults to users which thought they can trust their
operating system in a default setup