F21 System Wide Change: Workstation: Disable firewall

Miloslav Trma─Ź mitr at volny.cz
Thu Apr 17 21:31:49 UTC 2014


2014-04-16 1:28 GMT+02:00 Simo Sorce <simo at redhat.com>:

> if the users wants more flexibility then they would create new
> zones (like home, work, cafe, library, etc..) perhaps by cloning
> existing ones and then tweak the list of applications allowed to serve
> content in those zones.
> It would be better if the association were per-application rather then
> nameless ports.
>

firewalld has a concept of "services", so the port numbers don't need to,
and *shouldn't*, appear in UIs.  It still might make sense to discuss a
true per-*application* privileges (e.g. Empathy is allowed to listen on any
port), but only after we get reliable application isolation.
    Mirek
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20140417/a7c61675/attachment.html>


More information about the devel mailing list