"Workstation" Product defaults to wide-open firewall
Ian Malone
ibmalone at gmail.com
Mon Dec 8 14:31:58 UTC 2014
On 8 December 2014 at 13:45, Matthew Miller <mattdm at fedoraproject.org> wrote:
> On Mon, Dec 08, 2014 at 12:11:40PM +0000, Ian Malone wrote:
>> >> >>> You're free to select another firewall zone
>> And free to move to another distro of course.
>
> Well, or free to select another Fedora offering, or configure you
> systems to not be Fedora Workstation.
>
> The defaults are different in the generic config, and appropriately
> more strict in Server. However, as a point of reference, there is no
> configured host packet-filter firewall at all in Cloud, as that's not
> the expectation in that environment.
>
Pulling in another quote:
> That's the main point, but as a secondary one, please take a look at
> <http://fedoraproject.org/wiki/Workstation/Workstation_PRD>. We aren't
> those other operating systems, but the target audience that Workstation
> is aiming for _isn't_ entirely the traditional Fedora userbase. That's
> a good thing; we have a model here were we can actually have different
> configurations for different use cases.
There are three products: workstation, server, cloud. Workstation is
the one for desktop use. That leaves server to aim for the traditional
fedora user base, since cloud is (understandably) a very different
thing. So if you want a desktop system with a security focus where do
you look now?
As pointed out elsewhere, the firewall configuration GUI isn't even
installed by default, so if you want to change this on a new system
you may have to connect to the internet to do it and this is hidden
from people who are new to the system.
--
imalone
http://ibmalone.blogspot.co.uk
More information about the devel
mailing list