On Mon, Aug 26, 2019 at 8:31 AM Vitaly Zaitsev via devel < devel@lists.fedoraproject.org> wrote:
> Hello all. > > Is it okay that firewall is completely disabled by default (opened all > ports 1025-65535) on Fedora Workstation? > > I think that this is a major vulnerability and it must be fixed by > changing default zone to public. > > firewall-cmd --list-all > FedoraWorkstation (active) > target: default > icmp-block-inversion: no > interfaces: enp1s0 > sources: > services: dhcpv6-client mdns samba-client ssh > ports: 1025-65535/udp 1025-65535/tcp > protocols: > masquerade: no > forward-ports: > source-ports: > icmp-blocks: > rich rules: > I agree that this is quite ill advised. As the maintainer of the Cinnamon spin, can anyone answer whether (1) this would affect spins other than Workstation, and (2) if so, how to fix it? Thanks, -Dan
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
