"Workstation" Product defaults to wide-open firewall

[Reindl Harald]

Am 09.12.2014 um 20:16 schrieb Robert Marcano:
> On 12/09/2014 02:19 PM, Reindl Harald wrote:
>>
>> Am 09.12.2014 um 19:45 schrieb Bastien Nocera:
>>>> Richard Hughes wrote:
>>>>> So do I! I'm a developer, which spin do I use so that the firewall
>>>>> doesn't get in my way? We can't develop a *product* based around what
>>>>> you specifically want, not me, nor anyone else on this list.
>>>>
>>>> If you're a developer, surely you know what a port is and can make a
>>>> few
>>>> clicks in firewall-config or system-config-firewall to open it! A
>>>> "developer" who can't even figure that out is a HORRIBLE developer!
>>>
>>> Still waiting for that answer about the rygel use case. You'll see how
>>> much of a HORRIBLE setup this can be...
>>
>> wrong question
>>
>> if there is a software which changes it's listening port randomly than
>> fix that broken by design software instead ruin the firewall
>>
>> there is *no single* technical reason to chose a random port
>
> I don't like the new default but I say that there are reasons for that.
> Example: two simultaneous users on differente sessions want to share
> music. The solution, define a port range for the default rygel
> installation, and the firewall UI should know the ranges Rygel uses

fine, than we are on a defined range of saying around 10 ports
bad enough but a different story to 1024-65535 blindly

and the point: even that range has to be confiremd by the user

not everybody is using that software, i don't use it because i have 
"mediathomb" on a fixed port - so somebody should tell me *a single* 
reason why a random software is the excuse to poke holes in *my* default 
security

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20141209/e9b19010/attachment.sig>