F21 System Wide Change: Workstation: Disable firewall

Josh Boyer jwboyer at fedoraproject.org
Wed Apr 16 16:49:28 UTC 2014


On Wed, Apr 16, 2014 at 12:39 PM, Simo Sorce <simo at redhat.com> wrote:
> On Wed, 2014-04-16 at 08:28 -0400, Josh Boyer wrote:

<snip>

>> A reduced set of zones firewall rules and proper integration in
>> whatever implementation is chosen would seem to be the middle ground
>> here.  I like the middle ground.  Maybe we could shoot for that?
>
> I certainly hope we can shoot for a simplified middle ground to start
> with.

OK.  So even with my simplified, less complicated, and less nuanced
overview, we still reach the same conclusion.  I'm glad to see that
even though someone is wrong on the internet, you can still see what
they're trying to accomplish without resorting to rhetoric and refusal
to consider the broader problems trying to be solved.  We need more
reactions like that.

>> Otherwise, I won't be astounded at all when FESCo rejects the current
>> Change and some users still turn off the firewall as one of the first
>> things they do because things don't work.
>
> Right, if nothing is done the only sensible solution is for FESCo to
> refuse the change, and then the only recourse a lot of user will have is
> to turn it off first thing :-(

That isn't sensible.  The only _sensible_ solution is to fix the
problem.  Everything else results in a broken state.  Either broken as
it is today, or broken in a different way.

josh


More information about the devel mailing list