Product defaults to wide-open firewall
Rave it
chat-to-me at raveit.de
Tue Dec 9 03:47:16 UTC 2014
Am Mon, 08 Dec 2014 23:31:42 +0000
schrieb devel-request at lists.fedoraproject.org:
> Message: 7
> Date: Mon, 08 Dec 2014 23:54:30 +0100
> From: Alec Leamas <leamas.alec at gmail.com>
> To: Development discussions related to Fedora
> <devel at lists.fedoraproject.org>
> Subject: Re: "Workstation" Product defaults to wide-open firewall
> Message-ID: <54862C26.9020009 at gmail.com>
> Content-Type: text/plain; charset=utf-8; format=flowed
>
> On 08/12/14 16:33, Matthew Miller wrote:
> > On Mon, Dec 08, 2014 at 02:31:58PM +0000, Ian Malone wrote:
> >> There are three products: workstation, server, cloud. Workstation is
> >> the one for desktop use. That leaves server to aim for the traditional
> >> fedora user base, since cloud is (understandably) a very different
> >> thing. So if you want a desktop system with a security focus where do
> >> you look now?
> >
> > So, it's important to understand — here on the devel list, certainly —
> > that these three are part of a marketing strategy, and in order for
> > such a thing to be effective and not just fluffy talk, it does involve
> > technical changes to match the plan.
>
> I have no problems with this. However, besides the technical/marketing
> trade-offs, here is also a process issue. Obviously, a lot of people
> were surprised by Kevin's finding that the workstation firewall was
> default open for ports > 1024.
>
> Tracking this issue back we find [1] where the workstation group tried
> to just disable the firewall. This started some threads. FESCO rejected
> the change request.
>
> For me, this issue then disappeared from my radar. It seems that after
> FESCO turned down the wide-open system option the discussion was in the
> workstation list, where they ended up opening all user ports (?) and
> implemented this.
>
> When a lot of people are surprised, isn't that a sign of a process
> problem? Should we try to avoid surprises like this?. If so, how?
>
> (I'm not trying to be argumentative or to blame anyone; if my pidgin
> English gives that impression please ignore it).
>
>
> Cheers!
>
> --alec
Is it possisible that the real reason for this decision from gnome was to fix a long outstanding bug in gnome-user-share?
see
https://bugzilla.redhat.com/show_bug.cgi?id=179187#c26
https://bugzilla.gnome.org/show_bug.cgi?id=336201#c6
realy amazing how gnome fix that bug ;)
Wolfgang
More information about the devel
mailing list