Mailinglist Archive: opensuse-factory (241 mails)
| < Previous | Next > |
Re: [opensuse-factory] Samba and SuSEfirewall
- From: Alberto Passalacqua <alberto.passalacqua@xxxxxx>
- Date: Fri, 09 Feb 2007 14:30:47 +0100
- Message-id: <1171027847.6080.19.camel@xxxxxxxxxxxxxxxxxxxxxx>
The point is quite simple. This problem can be considered historical and
it seems a solution won't come in the near future.
I understand the security concerns, but it's pointless to have a secure
system if it doesn't provide the functionality you need.
Moreover, not having a viable solution, users are brought to do manual
changes to the firewall configuration, potentially compromising it,
which is even worse.
I don't think it's reasonable at all to answer that you should:
- use an internal interface: almost all systems have a single card, and
many offices just uses laptops for their versatility.
- tell the user it's an unlucky situation, which actually is not an
answer but just a way to tell "it's not my problem".
Considering SuSE and Novell are promoting Linux as a viable alternative
to Windows and that they want to improve interoperability between these
two worlds, I have some problem to understand how interoperability can
granted when it's not possible to easily configure, in a reasonably
secure way, the browsing of the local network.
Regards,
Alberto
Il giorno ven, 09/02/2007 alle 14.08 +0100, Marcus Meissner ha scritto:
> On Fri, Feb 09, 2007 at 02:04:02PM +0100, Alberto Passalacqua wrote:
> > Just to conclude, the bug is (not) fixed (and won't be):
> >
> > https://bugzilla.novell.com/show_bug.cgi?id=243809
> >
> > When Novell will stop giving non-answers it will be a nice day.
>
> The rule quoted there effectively opens your whole firewall.
>
> What is the point?
>
> Ciao, Marcus
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
it seems a solution won't come in the near future.
I understand the security concerns, but it's pointless to have a secure
system if it doesn't provide the functionality you need.
Moreover, not having a viable solution, users are brought to do manual
changes to the firewall configuration, potentially compromising it,
which is even worse.
I don't think it's reasonable at all to answer that you should:
- use an internal interface: almost all systems have a single card, and
many offices just uses laptops for their versatility.
- tell the user it's an unlucky situation, which actually is not an
answer but just a way to tell "it's not my problem".
Considering SuSE and Novell are promoting Linux as a viable alternative
to Windows and that they want to improve interoperability between these
two worlds, I have some problem to understand how interoperability can
granted when it's not possible to easily configure, in a reasonably
secure way, the browsing of the local network.
Regards,
Alberto
Il giorno ven, 09/02/2007 alle 14.08 +0100, Marcus Meissner ha scritto:
> On Fri, Feb 09, 2007 at 02:04:02PM +0100, Alberto Passalacqua wrote:
> > Just to conclude, the bug is (not) fixed (and won't be):
> >
> > https://bugzilla.novell.com/show_bug.cgi?id=243809
> >
> > When Novell will stop giving non-answers it will be a nice day.
>
> The rule quoted there effectively opens your whole firewall.
>
> What is the point?
>
> Ciao, Marcus
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
| < Previous | Next > |