On Thu, 04 Sep 2008, James Dinkel wrote: > I would say leave the ports open and leave the profile files. Leave it up > to the user to manage the firewall. If the package is removed, it's not > going to be listening on those ports any more anyway. >
This is almost what happens. The profile files are conffiles, so they are removed on purge. However, users can still a) see the application rule via 'ufw status' and b) still delete the application rule by using the profile name. Jamie -- Ubuntu Security Engineer | http://www.ubuntu.com/ Canonical Ltd. | http://www.canonical.com/
signature.asc
Description: Digital signature
-- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
