Re: allowing programs to open ports

- Original Message - > On 5.1.2015 15:57, Bastien Nocera wrote: > > - Original Message - > >> Björn Persson wrote: > >>> I bet! I worry that the questions would quickly become annoying. But if > >>> ports are going to be blocked by default, then there needs to be some > >>> way fo

Re: allowing programs to open ports

On 5.1.2015 15:57, Bastien Nocera wrote: > - Original Message - >> Björn Persson wrote: >>> I bet! I worry that the questions would quickly become annoying. But if >>> ports are going to be blocked by default, then there needs to be some >>> way for non-sysadmin users to open them. >> >> No

Re: allowing programs to open ports

- Original Message - > Björn Persson wrote: > > I bet! I worry that the questions would quickly become annoying. But if > > ports are going to be blocked by default, then there needs to be some > > way for non-sysadmin users to open them. > > No, why? The ports just need to be closed, pe

Re: allowing programs to open ports

Hi On Sun, Jan 4, 2015 at 6:32 PM, Kevin Kofler wrote: > Björn Persson wrote: > > I bet! I worry that the questions would quickly become annoying. But if > > ports are going to be blocked by default, then there needs to be some > > way for non-sysadmin users to open them. > > No, why? The ports

Re: allowing programs to open ports

Björn Persson wrote: > I bet! I worry that the questions would quickly become annoying. But if > ports are going to be blocked by default, then there needs to be some > way for non-sysadmin users to open them. No, why? The ports just need to be closed, period. Non-sysadmin users shouldn't be allo

Re: allowing programs to open ports

Stephen John Smoogen wrote: >1) I do not feel that countless programs will or want to accept >patches to open ports twice. I expect them to actually open a port >once and if they want to work with firewalld or some other firewall >daemon signal on dbus that they are looking to have a port open usin

Re: allowing programs to open ports

Florian Weimer wrote: >On 12/21/2014 05:28 PM, Björn Persson wrote: > >> Alternatively, cut out the packet filter and have GlibC ask the user >> whether the call to bind or connect shall be allowed to succeed (or >> automatically allow or deny the call if so configured). This has the >> advantage t

Re: allowing programs to open ports

On 22 December 2014 at 01:26, Björn Persson wrote: > Stephen John Smoogen wrote: > >Uhm no. You seem to be wanting a fight over something, and I have no > >mood to engage. I hope you have a more pleasant holidays than what > >your tone indicates you are currently having. > > The idea of making tw

Re: allowing programs to open ports

Am 22.12.2014 um 11:49 schrieb Florian Weimer: On 12/21/2014 05:28 PM, Björn Persson wrote: Alternatively, cut out the packet filter and have GlibC ask the user whether the call to bind or connect shall be allowed to succeed (or automatically allow or deny the call if so configured). This has

Re: allowing programs to open ports

On 12/21/2014 05:28 PM, Björn Persson wrote: Alternatively, cut out the packet filter and have GlibC ask the user whether the call to bind or connect shall be allowed to succeed (or automatically allow or deny the call if so configured). This has the advantage that the program is informed that i

Re: allowing programs to open ports

Am 22.12.2014 um 10:10 schrieb drago01: On Mon, Dec 22, 2014 at 9:26 AM, Björn Persson wrote: Stephen John Smoogen wrote: Uhm no. You seem to be wanting a fight over something, and I have no mood to engage. I hope you have a more pleasant holidays than what your tone indicates you are current

Re: allowing programs to open ports

On Mon, Dec 22, 2014 at 9:26 AM, Björn Persson wrote: > Stephen John Smoogen wrote: >>Uhm no. You seem to be wanting a fight over something, and I have no >>mood to engage. I hope you have a more pleasant holidays than what >>your tone indicates you are currently having. > > The idea of making two

Re: allowing programs to open ports

Stephen John Smoogen wrote: >Uhm no. You seem to be wanting a fight over something, and I have no >mood to engage. I hope you have a more pleasant holidays than what >your tone indicates you are currently having. The idea of making two calls to open a port seemed like a bad design to me, so I prop

Re: allowing programs to open ports

On 21 December 2014 at 14:40, Björn Persson wrote: > Stephen John Smoogen wrote: > >On 21 December 2014 at 09:28, Björn Persson > >wrote: > > > >> Mattia Verga wrote: > >> >The alternative could be a "open approach" from Firewalld, where an > >> >application, when it's executed, can inform firew

Re: allowing programs to open ports

Stephen John Smoogen wrote: >On 21 December 2014 at 09:28, Björn Persson >wrote: > >> Mattia Verga wrote: >> >The alternative could be a "open approach" from Firewalld, where an >> >application, when it's executed, can inform firewalld that needs to >> >open a port, firewalld asks the user if it s

Re: allowing programs to open ports (was: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break)

On 21 December 2014 at 09:28, Björn Persson wrote: > Mattia Verga wrote: > >The alternative could be a "open approach" from Firewalld, where an > >application, when it's executed, can inform firewalld that needs to > >open a port, firewalld asks the user if it should grant access to the > >applic

allowing programs to open ports (was: 5tFTW: Fedora 21, 22, and 19, firewall discussion, and holiday break)

Mattia Verga wrote: >The alternative could be a "open approach" from Firewalld, where an >application, when it's executed, can inform firewalld that needs to >open a port, firewalld asks the user if it should grant access to the >application and then opens the port... but this needs to be >implem