Bug 131745
Summary: | firewall doesn't allow for printer service discovery | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Bryan W Clark <nobody+bclark> |
Component: | system-config-securitylevel | Assignee: | Paul Nasrat <nobody+pnasrat> |
Status: | CLOSED RAWHIDE | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 3 | CC: | mclasen, notting, walters |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | 1.4.10-1 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2004-10-13 19:42:21 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 131589 |
Description
Bryan W Clark
2004-09-03 20:29:39 UTC
Do we even want to offer the option of blocking it? My major concern here is that the print detection system works. Because of the interference from the firewall I assumed that this port had been shutoff for security reasons. However if we feel that always opening up the firewall for CUPS isn't a terrible security threat, then I'm fine with that since my major concern is taken care of. It will also give much less room for error in the firewall/printing setup. I'm happy to do either - though have I missed the screen/string freeze for FC3t2. In which case I can open by default and then when I improve the add/remove trusted services ui for bug #124161 you'll get better configuration. This sound like a plan? That sounds reasonable, but we definitely have to document that the firewall allows this by default, since the current default is to deny *everything* except a few ICMP packets, right? Sounds reasonable to me too. Lets go with that. this is a similar issue to bug 133478 paul, can we commit to opening this up and fix the UI issues later. CUPS browsing should be enabled in latest s-c-securitylevel (you will have to update s-c-securitylevel-tui). A rebuild for another issue pulled it in so it just wasn't in the %changelog. Can someone with a cups setup test with configuring firewall with system-config-securitylevel-tui-1.4.9-1 Works for me with 1.4.10-1. |