About F19 Firewall

P J P pj.pandit at yahoo.co.in
Tue Sep 24 15:29:56 UTC 2013


  Hi,
----- Original Message -----
> From: Thomas Woerner <twoerner at redhat.com>
> Subject: Re: About F19 Firewall
> Applications or daemons can only request changes to the firewall if they 
> are authenticated.


  Sure. But user authentication is a function of the task an application performs and not of the firewall rules it adds or removes. In most cases, the user won't even know what firewall rules an application is going to add/edit/remove. Meaning if an authenticated application leaves the user's machine vulnerable, that is always going to be a side-effect and not an intended one.


Ex. Say I start virt-manager, it prompts me for authentication, I enter my password and click [Ok]. It starts libvirtd in the background, creates interfaces, adds firewall rules etc. etc. As a user looking at the GUI, I'm completely oblivious to what it is doing (or did) in the background.


This side-effect design is what I think isn't a good idea.

---
Regards
   -Prasad
http://feedmug.com

