[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: Services automaticly change firewall rules to open access to themselfs.
- From: Bruno Wolff III <bruno wolff to>
- To: Arthur Pemberton <pemboa gmail com>
- Cc: Development discussions related to Fedora <fedora-devel-list redhat com>
- Subject: Re: Services automaticly change firewall rules to open access to themselfs.
- Date: Sat, 1 Sep 2007 14:23:59 -0500
On Sat, Sep 01, 2007 at 12:05:00 -0500,
Arthur Pemberton <pemboa gmail com> wrote:
> On 9/1/07, Bruno Wolff III <bruno wolff to> wrote:
> > On Sat, Sep 01, 2007 at 14:07:17 +0200,
> > Benny Amorsen <benny+usenet amorsen dk> wrote:
> > >
> > > Administrators sometimes want to limit which traffic can reach
> > > applications, and perhaps limit the risk when accidentally starting
> > > applications. Automating firewall setup makes that useless.
> >
> > That is probably the main reason. And having apps undo restrictions seems
> > like a really really bad idea.
>
> So being able to easily disable this wouldn't be enough?
I don't think so. I thought making it easy for people to shoot themselves
in the foot was the Microsoft way.
> > Plus I have no confidence that apps can properly rewrite iptables rules
> > correctly. iptables setups can have complications which will make it
> > hard to change them. I have used subroutines for checking reserved ip
> > ranges and have had services configured to only be available to local
> > ip addresses or specific interfaces.
>
> This is something that would/should work only if you're using
> system-config-firewall
And how is the code going to determine that?
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]