"Workstation" Product defaults to wide-open firewall

Bastien Nocera bnocera at redhat.com
Mon Dec 8 15:49:25 UTC 2014



----- Original Message -----
> On Mon, Dec 08, 2014 at 02:31:58PM +0000, Ian Malone wrote:
> > There are three products: workstation, server, cloud. Workstation is
> > the one for desktop use. That leaves server to aim for the traditional
> > fedora user base, since cloud is (understandably) a very different
> > thing. So if you want a desktop system with a security focus where do
> > you look now?
> 
> So, it's important to understand — here on the devel list, certainly —
> that these three are part of a marketing strategy, and in order for
> such a thing to be effective and not just fluffy talk, it does involve
> technical changes to match the plan.
> 
> Right now, "desktop system with a security focus for new users" isn't a
> key part of that effort. I certainly don't dispute that user security
> and education are good goals, and I don't think anyone on the
> workstation team does either — it's just a matter of the steps we take
> to get there.
> 
> So, if you're not in the target of that focus, where do you look? Well,
> you can certainly pick one of our other desktop spins, which have
> different firewall defaults. Currently, all the generic one, but I'd
> like to move to a model where spins have more freedom here too. We even
> have a proposal for a new spin focused on privacy and security — the
> Netizen Spin. (If you're interested, I think that could use additional
> contributors.)
> 
> Or, you can do what I do: start with Fedora Workstation and then
> configure it in a way that makes sense for my needs, or if you're
> deploying for users into a managed environment, use the tools the OS
> provides to preconfigure the system for whatever makes sense there.

Make sure to note that I'm convinced that the new firewall settings in
Fedora Workstation 21 are more secure than what was available in Fedora 20's
default settings.

If Reindl, Kevin or Tomas want to disagree with that, I'll give you a little
exercise:
Having just installed and updated my Fedora 20, I want to share a video in my
home directory using UPnP/DLNA to my TV, using rygel for example. Document the
steps necessary to achieve that.

Cheers


More information about the devel mailing list