[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Services automaticly change firewall rules to open access to themselfs.



>>>>> "AP" == Arthur Pemberton <pemboa gmail com> writes:

AP> Not everyone uses SELinux. Everyone (almost) uses iptables.

Applications already know how to ask for incoming connections. It's
generally done by calling bind().

Administrators sometimes want to limit which traffic can reach
applications, and perhaps limit the risk when accidentally starting
applications. Automating firewall setup makes that useless.

The whole point of firewalling is to explicitly specify what should be
allowed and denied. If you take away that control, there is no reason
to have firewalling.


/Benny



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]