bittorrent in core? what frontend?

[Sean]

On Sat, December 17, 2005 7:22 am, Michael A. Peters said:
> I would NOT want that.
> I've got that turned off on my Linksys - I don't want any ports at all
> open for forwarding that I haven't specifically opened for forwarding.
>
> Last thing I want is someone at my house running some program that opens
> up port forwarding on my router.

Well of course that's your decision to make, but we shouldn't force that
decision on everyone.

> That has to be done as root, so it has to either be in Anaconda - or in
> a system-config tool. I personally vote for the latter, I think Anaconda
> is too complicated as it is. OS X (at least 10.1 - haven't installed
> anything later) has a sweet and simple installer. But anyway, that's
> just my opinion. Linus Torvalds will probably tear me a new one for
> wanting an installer targeted at dumb users ;)

Well it can be handed off to a "root" process via dbus which imposes all
the necessary security.   We don't want to make this an install time
option, especially for peer services like BT.   You don't want a static
firewall rule for a process that is only running occasionally.   No, what
you want is  an appropriate firewall rule set only for the time that BT is
actually running.   Anything else is a security risk in itself.

> The problem with that is that root is required.
> I know some Windows firewalls do that - but only if you are running as
> admin.

This is a pretty easily solved techinical hurdle.   A user/application
combo that has been given permission to open ports could pass the request
off to a thread/process with enough permission to handle the task without
a problem.    dbus seems like a natural fit for this.  I would argue that
something along this line is the only way to avoid the security risk of a
static firewall rule for an application that only runs intermittently.

Sean