Am 11.09.2013 15:05, schrieb Daniel J Walsh: > On 09/11/2013 08:56 AM, Alec Leamas wrote: >> Although this would work for both our wifes I'd hate it myself. There need >> to be some way in the interface to understand what's *really* going on >> here, the ports opened, triggers etc. But not unless requested, agreed. > > My idea is that Samba registers something with firewalld that says here is the > prompt to show if a process in user space says to open port 2345.
very very bad idea! that means if the is no samba running and whatever harmful process needs to open incoming connections it would trigger the promt for samba these is the way to go only if you want to design a security nightmare > The problem with this solution is potential conflicts in port numbers and pps > that just use random ports (Which I think should just not be allowed to use > the service and would require to disable the firewall.) the real problem i described above as long the is no way to get *predictable* which service/process is aksing for open a specific port and verify this on the system level this all is completly pointless
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
