On Thursday 07 May 2009 11:06:13 pm John Andersen wrote:
I beg to differ.
Every network I set up has egress filtering on key ports (such as port 25 at a very minimum).
What do you do with application that is testing for any working port, to connect to server that doesn't restrict access based on source port? It doesn't do anything evil, just phone home to tell about yet another successful installation, because author likes when many users are using his work, but wants to know that first hand. That application will pass trough security scrutiny, but some people will object that is invasion of privacy. There is myriad reasons why friendly AppArmor and firewall setup is good idea. In its current state all effort that went in development is for nothing. I'm not sure that many people will notice if one day it is removed. -- Regards, Rajko http://news.opensuse.org/category/people-of-opensuse/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org