Here's one fellow's interpretation of that requirement.
--- Begin Message ---
- To: debian-devel@lists.debian.org
- Subject: Re: Required firewall support
- From: md@Linux.IT (Marco d'Itri)
- Date: Thu, 17 Mar 2005 00:24:00 +0100
- Message-id: <20050316232400.GA14271@wonderland.linux.it>
- Mail-followup-to: debian-devel@lists.debian.org
- In-reply-to: <87ekef2nhv.fsf@becket.becket.net>
- References: <87oedjtndt.fsf@becket.becket.net> <20050316230804.GB14110@wonderland.linux.it> <87ekef2nhv.fsf@becket.becket.net>
On Mar 17, Thomas Bushnell BSG <tb@becket.net> wrote: > > > One of the conditions for SCC is "fully functioning Unix, including > > > DNS and firewall support." What specifically is intended by "firewall > > > support"? > > I think that simple ACLs are the bare minimum. > Ok, can you point me at the specific feature, and why is this feature I think that the minimum is per-interface permit/deny ACLs which could match at least on IP protocol number, TCP/UDP ports and ICMP types. > important for packaging in SCC? Because Debian should not waste resources to support a toy OS (in this case defined as one not secure enough to stay on the internet for real work). -- ciao, MarcoAttachment: signature.asc
Description: Digital signature
--- End Message ---