RFE: FireKit
Colin Walters
walters at verbum.org
Fri Jul 24 15:34:42 UTC 2009
On Thu, Jul 23, 2009 at 2:16 PM, Ahmed
Kamal<email.ahmedkamal at googlemail.com> wrote:
> Hi,
>
> Here's a RFE for FireKit, a firewall desktop "kit".
The firewall is a longstanding messy problem, and I'm glad you're
interested in tackling it.
> User Experience:
> =======
> 1- Joe wants some help from his co-worker, he shares his Gnome desktop
> through vino. Vino kicks FireKit to ask Joe if he would like to open port
> 5900, and asks for a period of time. Joe selects yes, and chooses 30
> minutes. FireKit instructs iptables to open that port, and waits for 30
> mins.
This doesn't make sense to me - if I enable user sharing, why should I
have to enable it again?
> 2- Sally wants to share last night's photos with her team. She drops the
> photos in /var/www/html, and starts apache.
There's gnome-user-share for this which would be easier out of the
box. I don't think the desktop firewall scope should mix in support
for Unix servers, i.e. anything that traditionally listens on a port <
1024.
Backing up a minute, in discussions among the desktop team and other
people about this, one thing that came up as a specific problem with
having no firewall at all was the "public WiFi hotspot" case. If for
example I enable desktop sharing before leaving work, then head to the
airport, and log on there to WiFi, you really don't want the desktop
sharing still enabled. Nor likely do you want sshd.
In most of the other cases I can think of though, the firewall is
either a hindrance (trusted network at home or office), or pointless
(connected via 3G modem).
Which leads me to think that rather than being based on individual
ports and time, we just need a nice way to globally toggle the
firewall. And that could come down to marking networks as explicitly
trusted in NetworkManager, say.
So the user experience could be a bit more like this:
1) Joe is a salesperson who is visiting another company and connected
to their public WiFi. He wants to enable desktop sharing so people
not in the conference room can easily see his presentation. He goes
into vino and selects sharing. Vino sends a dbus message to
NetworkManager which says it's requesting a service. NetworkManager
knows this network isn't yet trusted, and sends a message to nm-applet
asking whether to make the network trusted or not. If the network
transitions from untrusted to trusted, the firewall is disabled for
the time he is connected to that network. This is a transient state -
if Joe suspends his computer, shuts down, or connects to another
network, the firewall goes back up.
More information about the fedora-devel-list
mailing list