Firewall

[Jesse Keating]

On 12/06/2010 03:42 PM, Stephen John Smoogen wrote:
> Ports that you don't know are open to the network but are somehow available.
> 
> Let us put this conversation slightly different... how many of us
> remember password-less package install? It all sounded like a good
> idea with people who are going to be on the system already being able
> to do what they want so why ask for a password. However how did it get
> seen in the end? Fedora comes RootKit enabled and other fluff.
> 
> I am trying to think how this one will play out:
> 
> "Ten years ago, Linux distros were cutting edge by coming with a
> firewall enabled. Now Fedora is going to cut the edge in a new way...
> no firewall wanted."
> 
> Yes there are a lot of good ideas and reasons.. I think that first
> though a tool to deal with firewalls and THEN we can talk about what
> firewalls need to be removed.
> 
> [And no I am not trying for 2 weeks of LWN quotes as tempting it will
> be. (alright alright I am .. it is just so addicting)]


Clearly we just need to word it differently.  Linux has a firewall built
in, that nothing will come in until you bind to a port.  We're just
removing the redundant extra firewall by default :)

(I'm not actually serious)

(I also don't really care if we have a firewall by default vs not, so
long as we're very clear in what the benefits are one way or another
(more than just ZOMG NEED FIREWALL), and we make it easy for expected
things to work and unexpected things to not work)

-- 
Jesse Keating
Fedora -- Freedom² is a feature!
identi.ca: http://identi.ca/jkeating