Control: severity -1 important

On Fri, 13 Mar 2015 15:01:15 +0100 Jann <jann+report...@thejh.net> wrote:

> Package: netfilter-persistent
> Version: 1.0.3
> Severity: grave
> Tags: security
>
> If netfilter-persistent or one of its dependencies fails to load,
> system boot continues normally with a wide-open netfilter
> configuration. IMO, this should fail secure: If the firewall can't
> be brought up, at least networking should not be brought up either.

Thanks for reporting this issue. I have also been affected by this in the past and took some time to realize that my system was running without a firewall.

However, I am not sure that stopping the boot process or disabling networking is the right action to take if netfilter configuration fails. That could render a remote-administered system unreachable, which would make the life of sysadmins rather painful.

IMHO, the solution is rather to increase the visibility of the problem so that the sysadmin quickly notices the failure. That could be through a desktop notice for desktop systems, or a mail to root@ on servers.

I am also downgrading the severity of this bug. The issue described here is not a security hole in netfilter-persistent per se, because the latter works well when properly configured and actually increases security. It's rather the handling of an error condition that could be improved.

Cheers,

-- 
 .''`.    Sébastien Villemot
: :' :    Debian Developer
`. `'     http://sebastien.villemot.name
  `-      GPG Key: 4096R/381A7594
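The "increase visibility" approach the reply recommends, shown as an added example that is not part of the bug report, of netfilter-persistent, or of anything the maintainer posted. It is a POSIX sh check that reads iptables-save output and decides whether the filter table is in the wide-open state described in the report (no rules, every built-in chain policy ACCEPT, or an entirely empty dump because the modules never loaded), plus a wrapper that mails root when that is the case. The function names, the mail subject and body, and the sample dumps are all assumptions I made for the example; it assumes iptables-save, hostname and mail(1) are installed and that the wrapper runs as root (an unprivileged iptables-save prints nothing and would look like an empty ruleset).

```shell
#!/bin/sh
# Added example, not part of the bug report or of netfilter-persistent itself.
# Detects the condition described in the report: the host booted, but the
# IPv4 filter table is empty with ACCEPT policies, which is what remains
# when netfilter-persistent (or iptables-restore) failed at boot. Meant for
# a cron job or systemd timer that mails root, as the reply suggests.

# ruleset_is_wide_open: read iptables-save output on stdin.
# Exit 0 if the filter table has no rules and every built-in chain policy
# is ACCEPT (an empty dump, e.g. ip_tables never loaded, also counts);
# exit 1 if any filter rule or any non-ACCEPT policy is present.
ruleset_is_wide_open() {
    awk '
        BEGIN { table = ""; rules = 0; closed = 0 }
        /^#/      { next }                        # "# Generated by ..." comments
        /^\*/     { table = substr($1, 2); next } # table header, e.g. *filter
        /^COMMIT/ { table = ""; next }
        table != "filter" { next }                # nat/mangle/raw do not count
        /^:/ {                                    # ":INPUT DROP [0:0]"; "-" = user chain
            if ($2 != "ACCEPT" && $2 != "-") closed = 1
            next
        }
        /^-A / { rules++; next }                  # an actual rule in the filter table
        END { if (rules == 0 && closed == 0) exit 0; else exit 1 }
    '
}

# firewall_check_and_alert: dump the live ruleset and mail root when it is
# wide open. Assumes iptables-save, hostname and mail(1) exist and that this
# runs as root. Returns 1 when an alert was sent so a cron wrapper can log it.
firewall_check_and_alert() {
    host=$(hostname)
    if iptables-save 2>/dev/null | ruleset_is_wide_open; then
        printf '%s: IPv4 filter table is empty with ACCEPT policies.\nnetfilter-persistent probably failed at boot; check the netfilter-persistent service status and its saved rules.\n' "$host" \
            | mail -s "firewall NOT loaded on $host" root
        return 1
    fi
    return 0
}

# Constructed sample dumps (not captured from a real host) for a stand-alone run.
SAMPLE_OPEN='# Generated by iptables-save
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

SAMPLE_LOADED='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:LOGDROP - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -j LOGDROP
COMMIT'

# check_sample NAME DUMP: print the verdict for one constructed dump.
check_sample() {
    if printf '%s\n' "$2" | ruleset_is_wide_open; then
        echo "$1: WIDE OPEN - would mail root"
    else
        echo "$1: filtering in place"
    fi
}

check_sample open   "$SAMPLE_OPEN"
check_sample loaded "$SAMPLE_LOADED"
```

Only the filter table is inspected on purpose: a nat-only MASQUERADE rule does not mean the host is filtering anything, so it must not silence the alert. For an IPv6 host the same function can be fed ip6tables-save output in a second call.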