"Workstation" Product defaults to wide-open firewall

Chuck Anderson cra at WPI.EDU
Tue Dec 9 20:34:13 UTC 2014 

On Tue, Dec 09, 2014 at 01:25:47PM -0700, Pete Travis wrote:
> On Dec 9, 2014 12:55 PM, "Reindl Harald" <h.reindl at thelounge.net> wrote:
> >
> >
> > Am 09.12.2014 um 20:51 schrieb Pete Travis:
> >
> >> Hmm... a whitelist of things that are allowed to ask for firewall
> >> accommodation doesn't help me develop new applications at all.  And
> >> you're jumping to a really high level UI thing and just sort of hand
> >> waving over the mechanism needed to make it all work.  Assigning
> >> different networks to zones is a different problem compared to a program
> >> asking for a port.
> >
> >
> > don't get me wrong but if it is too much asked for you to open a firewall
> port i don't want to have your network-aware new application on my machines
> or any machine working in networks i am responsible for
> >
> > a prerequisite for develop network applications is understanding of
> network basics and if your application don't use networking you are not
> affected
> >
> >
> > --
> >
> 
> Lets say I do have an understanding of network basics, just for the sake of
> argument.  I share my application with you.  The application is intended to
> listen on the network, you know this and want the application for that
> purpose.  You run the application, it tries to listen to a network port.
> Magick, prayers, and the ghost of Charles Babbage - or maybe some
> hypothetical dbus service- does *something* to find out if you really
> wanted that.  You did.  Neither one of us is is made incompetent by the
> convenience.
> 
> Here's the thing: firewalld will let this happen.  at here is a dbus
> interface.  Thomas has proven more than willing to accommodate RFEs. Nobody
> is asking for changes that would solve the problem of frustrated users or
> developers encountering firewall restrictions.  The GNOME folks don't want
> the UX compromise of rote-clicked dialogs.  Nobody else is suggesting an
> alternative implementation that actually *improves* the Fedora experience.
> Ideas get more traction than complaints.

Gnome doesn't want a dialog.  What other choice is there then besides
1) remove firewall?  Because any other choice basically a convoluted
equivalent to #1.

More information about the devel mailing list