"Workstation" Product defaults to wide-open firewall
h.reindl at thelounge.net
Mon Dec 8 15:13:55 UTC 2014
Am 08.12.2014 um 15:45 schrieb Bastien Nocera:
>>>> On 12/08/2014 12:51 PM, Bastien Nocera wrote:
>>>> This is wrong and you know about that - the firewalld folks have been
>>>> urged to use this zone for the Workstation product - it was a
>>>> Workstation team decision.
>>> What?! We discussed it, and it was deemed acceptable by you, and mitr.
>>> We went back and forth on this, and you agreed that it was a good
>>> cost/benefit decision.
>> We could choose between removing firewalld and accepting this zone ...
> Which you could have refused if you felt that it was an unacceptable compromise.
> Which you didn't do. Are you still going to argue that this wasn't _vouched_ for
> by you and the other firewall stakeholders?
Google translates "vouched" to "verbürgt"
suck something is not guarantee for it
beeing forced to accept something or get the firewall completly dropped
in the product is the opposite of a open discussion
to be honest the way you agrue in this thread "it's the applications
fault if it listens to a port and not ours that we make the OS wide
open" don't let you appear as somebody who is open for a security
discussion killed always with "but then some things don't work magically
and we want that for user expierience" so you hardly would follow
advices from security experts no matter what they say
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 181 bytes
Desc: OpenPGP digital signature
More information about the devel