From Fedora Project Wiki
< Desktop | Whiteboards
(some highlights from todays fedora-desktop-list discussion) |
m (Whiteboard/Firewall moved to Desktop/Whiteboards/Firewall) |
(No difference)
| |
Revision as of 15:30, 28 October 2008
The problem with a static firewall as Fedora currently ships with iptables/system-config-firewall is that it actively interferes with a lot of things that users want to do with their desktops:
- Automatic discovery of printers and other services
- Music sharing (eg via DAAP)
- File sharing
Possible ways to improve the situation are:
- Just turn the firewall off. Rely on not running any unnecessary network-facing services, and lock the necessary services down using SELinux.
- Allow applications to poke holes in the firewall, under user-control
- Handle different situations differently: no firewall when on the trusted 'home network', but strict firewall when using coffee shop wifi