https://bugzilla.novell.com/show_bug.cgi?id=348575 User lnussel@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=348575#c7 --- Comment #7 from Ludwig Nussel <lnussel@novell.com> 2007-12-18 01:36:23 MST --- (In reply to comment #6 from JP Rosevear)
(In reply to comment #2 from Lukas Ocilka)
No service is allowed in firewall by default.
In many ways its nonsensical to enable services (ssh, avahi) by default at boot time that simply cannot be used in any meaningful way.
I don't disagree and would really like to see that solved in a better way too.
My main concern is that its sensible for the user, we can't ask them to grok things like "Would you like to make this interface internal?".
Yeah, the basic assumption seems to be that the user is too clueless to decide anything. I don't take that for granted. Sure, technically accurate wording likely confuses people ("external zone", wtf?) but I am confident that a proper wording can be found.
A more prominent firewall setup during installation to basically force people to make a conscious decision about the zones would be very helpful IMHO but this request was declined.
Do you have a reference #?
No, that was some talk on the floor when coolo told us (security) about his thoughts to redesign the workflow. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.