On Dec 9, 2014 12:55 PM, "Reindl Harald" <h.reindl@thelounge.net> wrote:
>
>
> Am 09.12.2014 um 20:51 schrieb Pete Travis:
>
>> Hmm... a whitelist of things that are allowed to ask for firewall
>> accommodation doesn't help me develop new applications at all.  And
>> you're jumping to a really high level UI thing and just sort of hand
>> waving over the mechanism needed to make it all work.  Assigning
>> different networks to zones is a different problem compared to a program
>> asking for a port.
>
>
> don't get me wrong but if it is too much asked for you to open a firewall port i don't want to have your network-aware new application on my machines or any machine working in networks i am responsible for
>
> a prerequisite for develop network applications is understanding of network basics and if your application don't use networking you are not affected
>
>
> --
>

Lets say I do have an understanding of network basics, just for the sake of argument.  I share my application with you.  The application is intended to listen on the network, you know this and want the application for that purpose.  You run the application, it tries to listen to a network port.  Magick, prayers, and the ghost of Charles Babbage - or maybe some hypothetical dbus service- does *something* to find out if you really wanted that.  You did.  Neither one of us is is made incompetent by the convenience.

Here's the thing: firewalld will let this happen.  at here is a dbus interface.  Thomas has proven more than willing to accommodate RFEs. Nobody is asking for changes that would solve the problem of frustrated users or developers encountering firewall restrictions.  The GNOME folks don't want the UX compromise of rote-clicked dialogs.  Nobody else is suggesting an alternative implementation that actually *improves* the Fedora experience.  Ideas get more traction than complaints.

--Pete