Re: default firewall utility changes for Debian 11 bullseye
On August 1, 2019 10:42:37 AM UTC, Arturo Borrero Gonzalez <arturo@debian.org> wrote:
>On 7/31/19 7:20 AM, Adam Borowski wrote:
>> A port blocker just sabotages user's requests, requiring every
>configuration
>> action to be done twice.
>>
>
>Perhaps you are mixing shipping a software by default vs having a
>default
>blocking firewall ruleset in the system. Moreover, you are assuming a
>default
>firewall would block what? outgoing connections? incoming connections?
>
>The argument sounds very weak anyway.
>
>> An user who actually has a complex host setup needs basic skills to
>do so,
>> and those skills are more involved than installing a package would
>be.
>
>I think facilitating complex setups to under-skilled users is actually
>the key
>to be successful as an operating system.
I read that as saying two opposite things:
We can install something potentially useful, but not configure it to do anything to avoid problems (which is discouraged by policy).
We should make things easier for users who are less technical.
I don't think you can do both. Personally I don't think we should include additional daemons that do nothing. Personally I don't want to have to remember to remove it.
Scott K
Reply to: