Accidentally enabled service after update from F16 to F17 - solutions?

Michal Schmidt mschmidt at
Thu Jun 14 15:16:49 UTC 2012

On 06/14/2012 04:19 PM, Stanislav Ochotnicky wrote:
> Quoting Michal Schmidt (2012-06-14 15:10:56)
>> Is a running jetty really _that_ dangerous? Why do we ship it at all
>> then? ;-)
> Why do we ship Apache, tomcat and tens (hundrets?) of other useful
> packages? Jetty unlike most packages _is_ remotely accessible so the
> attack surface is rather large.
> If you wrote that in a jest, then sorry but I don't take my mistake that
> could compromise security of Fedora's users that lightly.

I thought the winking smiley gave it away.

But there is a basis for my jesting comment: It's great that you take 
security seriously, but I believe you're over-estimating the danger of 
the running service.
Fedora has a firewall enabled by default. And I trust that the service 
receives any applicable security updates. The users' systems are not 


More information about the devel mailing list