Re: Feature Request "secure by default"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora <fedora-list@xxxxxxxxxx>
Subject: Re: Feature Request "secure by default"
From: Rahul Sundaram <sundaram@xxxxxxxxxxxxxxxxx>
Date: Sun, 10 Jun 2007 20:15:49 +0530
In-reply-to: <9008cd5d0706100734y4694fd10v807bc18e0d835ed2@xxxxxxxxxxxxxx>
Organization: Red Hat
References: <648d054e0706100611i67c76721rabd711494238a57a@xxxxxxxxxxxxxx> <200706101550.23136.manuel@xxxxxxxxxxxxxx> <9008cd5d0706100717r4a332783j389093815af6a792@xxxxxxxxxxxxxx> <466C099E.9030607@xxxxxxxxxxxxxxxxx> <9008cd5d0706100734y4694fd10v807bc18e0d835ed2@xxxxxxxxxxxxxx>
Reply-to: For users of Fedora <fedora-list@xxxxxxxxxx>
User-agent: Thunderbird 1.5.0.10 (X11/20070302)

Andras Simon wrote:


Right, but I think that it is relevant in a discussion about "secure
by default". (I'd be more than happy to be corrected about this.)

I can't see how it is relevant. It isn't a daemon and it doesn't connectto the network. If you did disable it and it was turned that is indeed abug that not one that really affects security.


                                                         What daemons

by default are connecting
to the network?


Since I disabled them after first boot, I can't name them all. But
rpc, nfs, sendmail were definitely among them. Though they may have
been hidden by the default firewall rules.

The services you quote don't connect to network by default. For example,sendmail is by default configured to connect only to the localhost. Itis enabled only to deliver log files to the root user and you have toexplicitly configure it to connect to the network. The default firewallconfiguration does block it too.


Rahul

Follow-Ups:
- Re: Feature Request "secure by default"
  - From: Charles Curley
- Re: Feature Request "secure by default"
  - From: Alexander Boström
- Re: Feature Request "secure by default"
  - From: Andras Simon

References:
- Feature Request "secure by default"
  - From: Simon Jolle
- Re: Feature Request "secure by default"
  - From: Manuel Arostegui Ramirez
- Re: Feature Request "secure by default"
  - From: Andras Simon
- Re: Feature Request "secure by default"
  - From: Rahul Sundaram
- Re: Feature Request "secure by default"
  - From: Andras Simon

Prev by Date: Re: Running qemu-kvm and vmware server together
Next by Date: Re: How to get the update notifications working on a installed Fedora KDE Live CD? + wireless proble
Previous by thread: Re: Feature Request "secure by default"
Next by thread: Re: Feature Request "secure by default"
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]