----- Original Message ----- > > Am 09.12.2014 um 14:23 schrieb Bastien Nocera: > > [1]: I haven't seen anything but arm-flailing on that issue. If somebody > > wants to > > go into details about what a server running inside the user's session would > > be > > able to do that a client wouldn't be able to, feel free. > > you realize the difference between a open port found by a network scan > in a public WLAN by any other client and a active outgoing connection to > specific machines? > > you realize that a security relevant bug in a service available over the > network may execute *any code* not intented by the running application > at all?
So the solution isn't to close ports, but not run services in contexts where it isn't safe to do so. This is what we implemented. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
