On Friday, February 21, 2020 7:17:33 PM MST Tim via users wrote:
Tim:
Beyond the usual (HTTP, mail, DNS servers, etc), what is the average non-admin user going to set up that listens as a server? Admin- users setting up those traditional services ought to know how to manage firewalls, or they ought not to mess around with those services.
Samuel Sieb:
There are a variety of things like file sharing (webdav), media sharing (dlna), remote desktop, various 3rd party or proprietary software, etc.
So, why can't the installation of those applications automatically include an appropriate firewall rule? Better to allow a controlled opening, rather than just open-slather.
--
uname -rsvp Linux 3.10.0-1062.12.1.el7.x86_64 #1 SMP Tue Feb 4 23:02:59 UTC 2020 x86_64
Boilerplate: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the mailing list.
They do come with firewall rules, see /usr/lib/firewalld/services. They aren't enabled automatically, of course, because it's up to the end-user whether or not it should be available on a given interface.