Firewall blocking desktop features
rc040203 at freenet.de
Wed Sep 11 13:20:41 UTC 2013
On 09/11/2013 02:46 PM, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> On 09/11/2013 06:35 AM, Heiko Adams wrote:
>> Am 11.09.2013 12:30, schrieb Alec Leamas:
>>> That said, I see your point. Seems to boil down to that only the
>>> application knows which port(s) to open and why, whereas only the
>>> firewall can guarantee that it actually opens the ports requested by
>>> user instead of something else.
>> So the application needs to ask the firewall to open one or more ports and
>> the firewall has to ask the user for permission to do so. In this szenario
>> the firewall knows what application wants which port(s) to be open. Letting
>> the application directly ask for permission to punch holes in the firewall
>> is IMHO the worst case of all and a securiry nightmare.
> Asking my wife if she intends to open port 2345 is a waste of time. She has
> no idea whether or not this is required. And will quickly learn to answer ok.
> Asking her "Do you want to make security changes to share directory
> /home/phyllis/Share?" Or
> Do you want to make security changes to share Printer XYZ?
> Would make sense.
My marriage would be facing serious troubles, if my wife opens any port
on our shared machines ;)
Seriously, I think you guys are forgetting Linux isn't a
More information about the devel