"Workstation" Product defaults to wide-open firewall

Reindl Harald h.reindl at thelounge.net
Tue Dec 9 15:04:46 UTC 2014

Am 09.12.2014 um 15:57 schrieb Christian Schaller:
> Well I think it is hard for anyone to guess what would be reasonable defaults for
> you specifically, any default is by its nature just targeting an generic
> person, which might or might not be a lot like you.
> But if you are aware and understand the finer details here then it isn't that
> big a job to change it, you should be able to go into the network manager, choose your
> connection, choose 'identity' (should probably be moved to be under security?) and change
> the zone for your network to whatever suits you better.

and why can't you do the same if you want it open instead start 
wide-open and expect from people to secure their system

how long do you think does it take until someone is so audacious and 
installs mysql and apache with the intention just to develop some 
webscripts on his workstation *beause* he want only play around with it 
not imaging that his mysqld is open to the world and not just localhost?

the same applies for *any* other service in /etc/services with a port 
number above 1024 - ship unsecure defaults and expect users to secure 
their machines is pervert - that won't happen, sooner or later damage 
will happen and nobody feels responsible

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20141209/e3d5fed4/attachment.sig>

More information about the devel mailing list