allowing programs to open ports

drago01 drago01 at gmail.com
Mon Dec 22 09:10:04 UTC 2014


On Mon, Dec 22, 2014 at 9:26 AM, Björn Persson <Bjorn at rombobjörn.se> wrote:
> Stephen John Smoogen wrote:
>>Uhm no. You seem to be wanting a fight over something, and I have no
>>mood to engage. I hope you have a more pleasant holidays than what
>>your tone indicates you are currently having.
>
> The idea of making two calls to open a port seemed like a bad design to
> me, so I proposed what seemed like a better design.

FWIW we already have a mechanism to restricts which ports specific
applications are allowed to open without using firewalld at all. Its
called "SELinux" (only works for confined domains but server
applications should run in one anyway).


More information about the devel mailing list