"Workstation" Product defaults to wide-open firewall

Bastien Nocera bnocera at redhat.com
Mon Dec 8 09:50:43 UTC 2014

----- Original Message -----
> Hash: SHA1
> We don't need open or preconfigured high ports.
> What we really need is a user notification with options to allow or
> deny like we do with SELinux.
> That would be a appropriate solution for a workstation.

No it wouldn't be, because users don't like being asked security questions,
even less so when they don't have the skills to understand the consequences
of their choices.

The changes were vouched for by the Fedora and GNOME designers, as well as
the firewalld maintainers.

More information about the devel mailing list