FESCo ticket on firewall

Peter Laursen jazcyk at gmail.com
Fri Dec 12 21:49:41 UTC 2014 

+ 'remote desktop' servers (VPC, VPN etc.)

On Fri, Dec 12, 2014 at 8:36 PM, Peter Laursen <jazcyk at gmail.com> wrote:
>
> Just forgot one detail here: if it becomes a rquirement that connections
> to services installed on Fedora Desktop are tunneled through SSH, I believe
> that this will create much more difficulties for users than managing a
> firewall would.
>
> -- Peter (again-agan)
>
> On Fri, Dec 12, 2014 at 8:28 PM, Peter Laursen <jazcyk at gmail.com> wrote:
>>
>> I cannot figure out how to get access to the ticket. I am also not sure I
>> am interested in yet another such account.  I have more than enough
>> accounts and subscriptions already spamming my mailbox.  So  I hope it is
>> OK that I reply in this mail thread instead.
>>
>> If I understand the discussion, it was a decision in an early stage of
>> Fedora 21 Desktop development that it should not have a User Interface for
>> firewall configuration.  And I think this is the basic problem and mistake.
>> I cannot see how usability and security can be achieved at the same time
>> without it  Even though it is not a server platform, you may still want to
>> run server programs on it (typicaly for access by other systems on local
>> network).  I can think of (at least):
>> * a test or learning instance of any database server
>> * all sorts of file servers
>> * media streaming services
>> .. and they will all require the port where the server listens to be open.
>>
>> I think a very simple User Interface for firewall configuration should be
>> added. It could be as simple as just allowing for opening of specific
>> ports. I also don't think it will cause problems.  People can manage
>> firewall(s) in Windows.  Dont' assume that users are more helpless than
>> they are (that is/was Ubuntu's mistake IMO).
>>
>> (and as a final remark the security issue is close to NULL for al the
>> people running FD21 in a virtualized environment or behind a router. They
>> will have the protection from the host OS or the router. But some people
>> still use various types of modems and not routers of course)
>>
>>
>> -- Peter
>>
>> On Fri, Dec 12, 2014 at 3:09 PM, Paul W. Frields <stickster at gmail.com>
>> wrote:
>>>
>>> FYI: https://fedorahosted.org/fesco/ticket/1372
>>>
>>> When responding to this ticket, please keep the discussion impersonal
>>> and objective as possible.  We should plan to have a couple people at
>>> the FESCo meeting next week if this is on the agenda.
>>>
>>> --
>>> Paul W. Frields                                http://paul.frields.org/
>>>   gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233  5906 ACDB C937 BD11 3717
>>>   http://redhat.com/   -  -  -  -   http://pfrields.fedorapeople.org/
>>>     The open source story continues to grow: http://opensource.com
>>> --
>>> desktop mailing list
>>> desktop at lists.fedoraproject.org
>>> https://admin.fedoraproject.org/mailman/listinfo/desktop
>>
>>
>>
>> --
>> Hilsen / Regards
>>
>> Peter Laursen
>>
>
>
> --
> Hilsen / Regards
>
> Peter Laursen
>


-- 
Hilsen / Regards

Peter Laursen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/desktop/attachments/20141212/b8f42bf1/attachment.html>

More information about the desktop mailing list