Other download options
pselists at mindspring.com
Wed Dec 10 18:19:21 UTC 2014
On 10 Dec 2014, at 12:52, Ben Cotton wrote:
> On Wed, Dec 10, 2014 at 12:47 PM, Mike Pinkerton
> <pselists at mindspring.com> wrote:
>> I also am trying to figure out how I can use Fedora going forward
>> to support
>> general desktop requirements for SMB office workers, creative
>> types and
>> others who have heretofore been using Fedora as a general, secure by
>> default, Gnome desktop OS. The only ideas I have come up with so
>> far are:
> Why not the Workstation product with a firewall configuration more to
> your liking? Is there something besides the firewall that causes
> Fedora 21 Workstation to not meet your needs?
Primarily the uncertainty of what changes the Workstation WG has
made, coupled with Matthew Miller's comments that:
"Right now, 'desktop system with a security focus for new users'
isn't a key part of that effort. ... So, if you're not in the target
of that focus, where do you look? Well, you can certainly pick one of
our other desktop spins ..." None of those spins is Gnome-based.
For office workers, creative types and similar, there is always a
mixture of new and old users, a mixture of savvy and not, and always
a few folks who, unless prevented, would do incredibly stupid things
that put your whole network at risk. Security is always a prime
I would not have known about the firewall issue if Kevin Kofler had
not kindly flagged it to this list. If the Workstation WG is willing
to implement such a basic change with little notice -- and the two
sentences in the Release Notes don't give adequate notice that Fedora
has switched from a "secure by default" to an "insecure by default"
firewall configuration -- then I can't trust the Workstation product
until I can audit all of its configurations to determine where and
how they differ from those I can support for my users. I don't have
the time to do that.
I also don't know whether Workstation updates will pull in other
similarly bad ideas in the future, and whether I would have to re-
audit all of the configuration after each update.
More information about the devel