RFE: FireKit
Ahmed Kamal
email.ahmedkamal at googlemail.com
Thu Jul 23 21:54:36 UTC 2009
>To me it seems like a great idea, but your usual computer user
> does not really know about Apache and ports, IP's and the like.
Exactly the point, the user shares his desktop, or starts some service using
the services GUI, and FireKit should offer to help. Moreover, this actually
would improve desktop security, since without FireKit, a typical user after
wasting half an hour, would understand it was the firewall blocking him, and
would simply disable it for good. This happens on any OS. However, with
FireKit, pro-actively offering to help the user, and requesting by default a
limited time-window for opening the ports, actually ensures a better desktop
security
> Other than that, if you need help, ask.
I do :) I'm not sure how this should integrate with policy-kit for allowing
which users should be able to control the firewall. Should FireKit launch
its own daemon that runs all the time, or is there some other way. How to
control iptables without running shell commands, and how to hook on ports
creation events. I guess I should be using some python RTNETLINK bindings,
any ideas?
Any examples, design decisions, and pointers to code samples to make my life
easier, are highly appreciated
> What language do you intend to implement this in?
But of course python ;)
Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20090724/65496bc6/attachment.htm>
More information about the fedora-devel-list
mailing list