"Workstation" Product defaults to wide-open firewall
Reindl Harald
h.reindl at thelounge.net
Mon Dec 8 16:22:49 UTC 2014
Am 08.12.2014 um 17:17 schrieb Bastien Nocera:
>> Am 08.12.2014 um 17:10 schrieb Bastien Nocera:
>>>>> Security is about compromises. The net result of the old firewall
>>>>> settings
>>>>> was people disabling the firewall.
>>>>
>>>> And the net result of the new firewall settings is you disabling the
>>>> firewall for them,
>>>
>>> It's not disabled
>>
>> it is practically
>>
>> the only port unprivileged code can listen on is > 1024, you opened that
>>
>>>> The new firewall settings essentially amount to disabling the firewall.
>>>
>>> It doesn't
>>
>> it does
>>
>> the only port unprivileged code can listen on is > 1024, you opened that
>
> And you're not interested in protecting any of the services running as root?
noah stop that polemic
i know /etc/services and hence i am interested in protecting *any port*
period - end of discussion - we will never agree and thankfully i gave
up maintaining any enduser machine years ago because i had enough of the
out-of-the-box security problems on windows systems and god bless that i
never started to recommend anybody use whatever OS
the machines i have to bother about are secured
*but* be sure that discussion is bookmarked if we read soon about damage
done by careless defaults to users which thought they can trust their
operating system in a default setup
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20141208/f71da353/attachment.sig>
More information about the devel
mailing list