Re: trusted apps and trusted networks (was: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break)

2015-01-12 Thread Kevin Kofler
Stephen Gallagher wrote: > I doubt that User C *as described* exists. I suspect you meant "User C > does not want an interactive notification. They want things to be > blocked and logged appropriately, so that if things are not behaving as > expected, they can find out why and what they would need

Re: trusted apps and trusted networks (was: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break)

2015-01-05 Thread Stephen Gallagher
On Mon, 2014-12-22 at 23:24 +0100, Kevin Kofler wrote: > Stephen John Smoogen wrote: > > User A wants to be notified of all programs opening ports even if he is > > going to whitelist them. > > User B does not want to be notified and could care less about security. > > etc. > > User C does not

Re: trusted apps and trusted networks (was: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break)

2014-12-22 Thread Kevin Kofler
Stephen John Smoogen wrote: > User A wants to be notified of all programs opening ports even if he is > going to whitelist them. > User B does not want to be notified and could care less about security. > etc. User C does not want to be notified either, but just wants everything blocked silently.

Re: trusted apps and trusted networks (was: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break)

2014-12-21 Thread Stephen John Smoogen
On 21 December 2014 at 09:45, Björn Persson wrote: > Mattia Verga wrote: > >Since I'm not good to write complex sentences in English, here is a > >schema that explains how I think firewalld should work as I wrote in > >the previous post. > > A "trusted app" to me would mean that I trust that it's

Re: allowing programs to open ports (was: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break)

2014-12-21 Thread Stephen John Smoogen
On 21 December 2014 at 09:28, Björn Persson wrote: > Mattia Verga wrote: > >The alternative could be a "open approach" from Firewalld, where an > >application, when it's executed, can inform firewalld that needs to > >open a port, firewalld asks the user if it should grant access to the > >applic

trusted apps and trusted networks (was: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break)

2014-12-21 Thread Björn Persson
Mattia Verga wrote: >Since I'm not good to write complex sentences in English, here is a >schema that explains how I think firewalld should work as I wrote in >the previous post. A "trusted app" to me would mean that I trust that it's secure enough to communicate even on *untrusted* networks. I d

allowing programs to open ports (was: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break)

2014-12-21 Thread Björn Persson
Mattia Verga wrote: >The alternative could be a "open approach" from Firewalld, where an >application, when it's executed, can inform firewalld that needs to >open a port, firewalld asks the user if it should grant access to the >application and then opens the port... but this needs to be >implem

Re: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break

2014-12-21 Thread Mattia Verga
Since I'm not good to write complex sentences in English, here is a schema that explains how I think firewalld should work as I wrote in the previous post.

Re: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break

2014-12-21 Thread Mattia Verga
On 20/12/2014 23:32, Michael Catanzaro wrote: On Sat, 2014-12-20 at 22:24 +0100, Reindl Harald wrote: you completely ignored the following paragraph, my guess is because "ask the user" is considered harmful by GNOME upstream Well I read it, but yes, I do think that ask the user is harmful.

Re: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break

2014-12-20 Thread Reindl Harald
On 20.12.2014 at 23:32, Michael Catanzaro wrote: On Sat, 2014-12-20 at 22:24 +0100, Reindl Harald wrote: you completely ignored the following paragraph, my guess is because "ask the user" is considered harmful by GNOME upstream Well I read it, but yes, I do think that ask the user is harmful.

Re: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break

2014-12-20 Thread Michael Catanzaro
On Sat, 2014-12-20 at 22:24 +0100, Reindl Harald wrote: > you completely ignored the following paragraph, my guess is because > "ask > the user" is considered harmful by GNOME upstream Well I read it, but yes, I do think that ask the user is harmful. We need to get out of the business of training

Re: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break

2014-12-20 Thread Reindl Harald
On 20.12.2014 at 22:19, Michael Catanzaro wrote: On Sat, 2014-12-20 at 17:51 +0100, Mattia Verga wrote: Maybe I put it too simple, but instead of opening all high ports by default what about having firewall rules declared in RPMs for packages that need to have ports opened? Because we need t

Re: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break

2014-12-20 Thread Michael Catanzaro
On Sat, 2014-12-20 at 17:51 +0100, Mattia Verga wrote: > Maybe I put it too simple, but instead of opening all high ports by > default what about having firewall rules declared in RPMs for > packages > that need to have ports opened? Because we need to support applications that use random ports.

Re: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break

2014-12-20 Thread Mattia Verga
On 17/12/2014 20:38, Matthew Miller wrote: This is clearly, not the most friendly approach; it’s my understanding that the desktop designers, network tools team, and security team are going to work together to develop a better overall solution for Fedora 22 and beyond. Maybe I put it too s

Re: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break

2014-12-19 Thread Gerd Hoffmann
On Thu, 2014-12-18 at 10:43 -0500, Bastien Nocera wrote: > > - Original Message - > > Hi, > > > > > > On the other hand, if you install something and it starts listening and > > > > you didn’t know that, > > > > > > If you install something from Fedora and it does that, then it's a bug in

Re: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break

2014-12-18 Thread Reindl Harald
On 18.12.2014 at 16:43, Bastien Nocera wrote: On the other hand, if you install something and it starts listening and you didn’t know that, If you install something from Fedora and it does that, then it's a bug in the application. No. It's you solving your problem with gnome-user-share and

Re: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break

2014-12-18 Thread Bastien Nocera
- Original Message - > Hi, > > > > On the other hand, if you install something and it starts listening and > > > you didn’t know that, > > > > If you install something from Fedora and it does that, then it's a bug in > > the > > application. > > No. It's you solving your problem with

Re: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break

2014-12-18 Thread Gerd Hoffmann
Hi, > > On the other hand, if you install something and it starts listening and > > you didn’t know that, > > If you install something from Fedora and it does that, then it's a bug in the > application. No. It's you solving your problem with gnome-user-share and declaring the fallout somebody

Re: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break

2014-12-18 Thread Bastien Nocera
Hey Matt, A few corrections for the portion about the workstation firewall. - Original Message - > Fedora Workstation firewall discussion > -- > > This week’s big devel-list thread concerned the default firewall > settings in Fedora Workstation. The F

5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break

2014-12-17 Thread Matthew Miller
Reposted from . Fedora is a big project, and it’s hard to keep up with everything that goes on. This series highlights interesting happenings in five different areas every week. It isn’t comprehensive news coverage — just quick summaries with links to