Firewall blocking desktop features

Nicolas Mailhot nicolas.mailhot at laposte.net
Wed Sep 11 10:02:44 UTC 2013


Le Mer 11 septembre 2013 11:23, Alec Leamas a écrit :
> On 2013-09-11 11:11, Heiko Adams wrote:
>> Am 11.09.2013 10:41, schrieb Ankur Sinha:
>>> - These software inform and take permission from the user before
>>> opening
>>> ports in the firewall.
>> IMHO it should be the job of the firewall to inform the user about an
>> application that want's to open one or more ports and ask for permission
>> to open that ports either temporary for the current session or
>> permanent.
>>
>>
> Is this a good idea? The firewall just knows aboyt an attempt to use a
> specific port. It does not know which application which *really* is
> trying to use that port. It could certainly make an educated guess, but
> that's just not good enough in this context IMHO.
>
> OTOH, the application knows what ports it needs (even some which just
> might be used later) and can also identify itself to the user. Seems
> more reasonable to me.

The application can lie and propose to open X and then when user says ok
open Y. The prompt really needs to be initiated firewall-side


-- 
Nicolas Mailhot



More information about the devel mailing list