F21 System Wide Change: Workstation: Disable firewall
Reindl Harald
h.reindl at thelounge.net
Tue Apr 15 16:47:52 UTC 2014
Am 15.04.2014 18:13, schrieb Andrew Lutomirski:
> On Tue, Apr 15, 2014 at 9:04 AM, Christopher <ctubbsii at apache.org> wrote:
>> Ideally, users would have complete knowledge of the behavior of every
>> piece of software in their system that utilizes the network, in which
>> case, they could very easily get by without a firewall. However, that
>> is not a reasonable expectation. A firewall protects users with
>> incomplete knowledge of their software.
>>
>> Example: user installs software X... but oops, they didn't realize it
>> was going to listen on port Y.... but that's okay, because no firewall
>> rule has been enabled to allow traffic on port Y, so the user is
>> secure.
>
> This sounds like a problem that should be separately fixed
please stop to talk about security because your argumentation
shows that you are clueless at this topic - you can't fix
all problems in every application
damend it is enough to have a sane and secure application
listening on a public reachable port after a until now
unknown security flaw was found, in the worst case combined
with privilege escalation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20140415/e158c41a/attachment.sig>
More information about the devel
mailing list