F21 System Wide Change: Workstation: Disable firewall

Simo Sorce simo at redhat.com
Tue Apr 15 14:30:45 UTC 2014


On Tue, 2014-04-15 at 08:59 -0500, Michael Catanzaro wrote:
> On Tue, 2014-04-15 at 14:35 +0200, Zbigniew Jędrzejewski-Szmek wrote:
> > What needs to be done to improve the firewall integration?
> > 
> > Zbyszek
> 
> The rule in the Workstation technical spec is: "A firewall in its
> default configuration may not interfere with the normal operation of
> programs installed by default." [1] There's a discussion on the desktop
> list beginning at [2] that has some brainstorming and explanation as to
> why this would be hard.
> 
> [1]
> https://fedoraproject.org/wiki/Workstation/Technical_Specification#Firewall
> 
> [2]
> https://lists.fedoraproject.org/pipermail/desktop/2014-February/009142.html


Ooh, I say ... firewall is hard, let's eat some popcorns and disable
it ...

The fact the problem is hard is no excuse to disable it by default.
If the workstation WG feels hard about it I could see making it very
easy to disable it, like Microsoft does, by having a settings item where
you can click a button and turn it off.

But disabling it by default is just a regression, and an irresponsible
thing to do for machines that are regularly brought on insecure networks
(all sorts of open wifi, and foreign LANs).

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York



More information about the devel mailing list