F21 System Wide Change: Workstation: Disable firewall
Miloslav Trmač
mitr at volny.cz
Thu Apr 17 21:03:32 UTC 2014
2014-04-15 15:59 GMT+02:00 Michael Catanzaro <mcatanzaro at gnome.org>:
> On Tue, 2014-04-15 at 14:35 +0200, Zbigniew Jędrzejewski-Szmek wrote:
> > What needs to be done to improve the firewall integration?
> >
> > Zbyszek
>
> The rule in the Workstation technical spec is: "A firewall in its
> default configuration may not interfere with the normal operation of
> programs installed by default." [1] There's a discussion on the desktop
> list beginning at [2] that has some brainstorming and explanation as to
> why this would be hard.
>
> [1]
> https://fedoraproject.org/wiki/Workstation/Technical_Specification#Firewall
>
> [2]
> https://lists.fedoraproject.org/pipermail/desktop/2014-February/009142.html
>
For the benefit of keeping everything on this list:
AFAICS this discussion basically says "applications can't depend on
firewalld, therefore they can't use firewalld APIs, therefore they wouldn't
know whether the firewall restircts them, therefore firewalld must be
removed".
The only given reason why the applications can't depend on firewalld is
vague claims that the D-Bus API is somehow unusable, which is clearly false
because firewall-cmd is using exactly the same API.
Mirek
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20140417/15b8be59/attachment.html>
More information about the devel
mailing list