Firewall blocking desktop features

Heiko Adams ml at fedora-blog.de
Wed Sep 11 10:35:54 UTC 2013


Am 11.09.2013 12:30, schrieb Alec Leamas:
> 
> That said, I see your point.  Seems to boil down to that only the
> application knows which port(s)  to open and why, whereas only the
> firewall can guarantee  that it actually opens the ports requested by
> user instead of something else.
> 
So the application needs to ask the firewall to open one or more ports
and the firewall has to ask the user for permission to do so. In this
szenario the firewall knows what application wants which port(s) to be
open. Letting the application directly ask for permission to punch holes
in the firewall is IMHO the worst case of all and a securiry nightmare.
-- 
Regards,

Heiko Adams


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 555 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20130911/d0c260e9/attachment.sig>


More information about the devel mailing list