Re: Release update
On Mon, Mar 29, 2004 at 08:26:06PM +0200, Thiemo Seufer wrote:
> > Having iptables or ipchains installed as part of the base install
> > would be good - but I'm suggesting that we have some default rules,
> > such as accepting only local connections to all services.
>
> Which would AFAIK immediately kill the s390 installer, which runs over
> ssh. I have yet to see a rule set which works decently everywhere.
Sure, some people are going to have different needs, but I think
that disabling incoming connections unless explicitly enabled would
be a proactive step for the distribution.
If there is one arch which wouldn't allow this then fair enough
disable it for that one, I don't think that is a sufficiently good
argument for disabling it for all though.
Steve
--
Reply to: