On 11/29/2013 2:14 PM, Claudio Freire wrote:
Shorewall is an iptables frontend. I don't see how that makes iptables not a firewall.
--- Iptables are a load of bricks. What you build with it is entirely based upon configuration. Unconfigured, iptables does nothing. The firewall functionality is entirely based in how you configure it.
Well, firing up yast and turning it off isn't rocket science, but sure, an option somewhere on the advanced install procedure couldn't hurt.
How would they know it is on or where to go to turn it off if they were new to OpenSuse?
Barring malfunction, if they don't know, they don't need to.
--- Two strikes -- we've already had a malfunction which is what the base note was about. And second on principle. SW always has bugs, especially lightly tested or untested SW.
If there's a malfunction (or misconfiguration), filing a bug report is what's needed.
--- No. I've filed many bug reports and had them thrown in my face as my "whatever" policy not being supported. They make any changes in the firewall, they'll be likely told it isn't supported. This also goes back to them having the knowledge you assume. You assume they know the cause, you assume they know how to file bugs, you assume they are even CAPABLE of filing a bug. I doubt my parents would have the first clue.
In any case, turning it off isn't.
--- Simple beats complex.
Um again, difference between installing it on, or installing pre- configured & off.
Pre-configured and off leaves the majority of the install base unprotected.
This is after they've been asked at install time if they want it or not -- you are assuming the majority picks to not install it. If that is the case, you are forcing your protection mechanism on them. You are providing a good reason for not doing any automated installs or upgrades, nor using a OS built kernel. If they don't know about it, it won't hurt them. That is a very bad precedent.
Ie: regular users, and that includes many developers, anyone not specialized in linux security in fact, don't really know how to configure something like AppArmor or SELinux, and if they know, they don't want to have to spend the time to do it on every installation.
Well, firing up yast and turning it ON isn't rocket science...
Only if it comes pre-configured. Otherwise, it is, since it implies building the profiles.
Pre-configured and "by choice" is how suse firewall was configured for years. I wouldn't call that worthless.
Well, it's a tradeoff. Security of oblivious users wins IMNSHO.
The basis of a a people-ruled government is that the people are informed. You are making it clear that you are for a "benevolent dictator" approach. The ends justifies the means. Historically, that has not turned out well.
As always in security, you're quite naive[0] (I just googled that, I make no claims about its content).
As always? Proof? Evidence? Claims w/o proof are commonly called marketing, advertising or propaganda. Anecdotal evidence is not a representative sample.
If that were the case, it'd only be because security in linux is taken seriously and by default. What you propose (making it off by default), is the exact opposite.
--- If it has always been taken seriously, then you are saying AppArmor wasn't needed.
No, no, AppArmor wouldn't have helped because the kind of behavior it prevents isn't one that resembles sendmail's primary function so much (ie: sending mail). AppArmor wouldn't have even noticed anything weird.
It doesn't do port policing by app?
BUT, if the bug had been more serious, and it had allowed remote code execution, AppArmor WOULD have prevented someone from installing a rootkit in your computer and gaining root.
Only if apparmor was configured correctly. If they can't keep a working configuration working on upgrade, how likely is it that they'll get a 100% perfect apparmor installation?
FUD
So making things clear and apparent to users is FUD, while doing things without their consent is fine? You got FUD backwards.
I'm all for making things clear.
Not for disabling AppArmor by default. If anything, quite the opposite. I suggest it should be kept on by default, and with profiles for as many applications as possible.
And if a prompt is added to the install procedure, it has to state clearly that if in doubt, leave it on.
That would be fine -- I just said it needs to be made clear at install time that a non-standard security policy is being turned on and that not doing so is bad practice (unless you are trying to be microsoft...?) Next up? Trying to be Sony with a rootkit install for the user's own good?
[0] http://www.itworld.com/security/77499/first-linux-botnet
Yippee.. anecdotal evidence is irrelevant. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org