Comment # 2 on bug 1213627 from UPPERCASE

Hi Richard,


Sorry for the questions on Reddit, YouTube and the community forum. But I
simply didn't get an answer on Reddit and YouTube, the question was ignored.
The question was perceived as an attack on the user forum and people got
defense with creative reasoning without actually being involved in the
decisions or able to explain the reasoning, so people were just guessing to
save face of their favorite distro. At least, that's how the thread got closed,
without a definitive answer. So, I'm sorry for opening a topic here. At the
time it felt like a real bug/issue and getting it here in Bugzilla before the
final release of Aeon seemed like a good idea. But now I know for sure the lack
of a firewall is intentional.

Opening firewall ports aren't that hard in firewalld, not harder than using
podman or distrobox. And I believe YaST has a GUI tool for it as well, and
otherwise there is a GUI which is available in the Fedora repo named
firewall-config. Sure, you need to check the logs, as you would with many more
things as a dev/admin. `journalctl -fk` would be sufficient to identify
firewall issues.

If you really don't want to bug the users with firewall stuff, you could also
protect the privileged ports by default and leave the rest open. Then at least
there is something. I personally find the amount of assumptions about how users
should/will use their user friendly desktop a bit concerning. Technical
problems always need technical solution, depending on humans to do the
right/secure thing often leads to problems.


Thanks for replying. I won't bother you with this again and I hope people will
find this answer through search engines as well.