ZeroConf in Ubuntu Edgy

Patrick McFarland diablod3 at
Mon Jul 3 23:02:48 BST 2006

On Monday 03 July 2006 17:18, Ivan Krstic wrote:
> Patrick McFarland wrote:
> > Honestly, if I had some sort of large pull in the Ubuntu project, I would
> > have tried to delay a Ubuntu release indefinitely until such a tool
> > appears.
> That wouldn't make any sense.

Depends if you think lack of features can be show stoppers or not.

> > This
> > is a major failing of desktop distros as a whole, and is a usability
> > problem.
> No, and no, respectively. The usability problem is that users have to
> deal with firewalls at all. We address it by short-circuiting the issue:
> because we don't ship open ports, our users don't have to worry much
> about firewalling.

No, I'm pretty sure I'm right on this. Having all ports closed by default 
is /not/ the correct behavior if you can't easily correct it: of course, as I 
said, no one has made a simple and easy to use tool to do otherwise.

Now, what would be nice would be allowing packages to add and remove rules for 
users to use to manage their firewall. ie, if I install Apache, then an 
Apache rule (minimally covering 80 and 443, preferably grokking the 
httpd.conf for all ports mentioned) appears in the Magical Firewall Config 
panel, so I can manage Apache without needing to know what ports it runs on.

> There are obviously cases where this reasoning doesn't apply, and
> addressing those is something we want to do -- obviously, as the
> firewall management has been bountied -- but you need to calm down, and
> recognize you're not talking about the base case.

No, I'm not talking about the base case. The base case is a singular computer 
connected to the Internet, and no other machines on the LAN (or no LAN to 
begin with)

> > Its hard to tout Linux as secure if you can't easily manage your
> > firewall.
> See above.

What I said still holds true. People think firewall management on this scale 
actually matters to 95% of the users, including people who try to say Windows 
is a better solution than Ubuntu.

The majority of computer users, sadly, can't see through the FUD, so the only 
way I seriously can see as a way to deal with it is just make the best damn 
firewall management app in existence.

I'd like to see this added to the todo list as a required feature for Edgy 
release, because it really is a sore spot in the Linux desktop environment 

Patrick McFarland ||
"Computer games don't affect kids; I mean if Pac-Man affected us as kids,
we'd all be running around in darkened rooms, munching magic pills and
listening to repetitive electronic music." -- Kristian Wilson, Nintendo,
Inc, 1989

More information about the ubuntu-devel mailing list