ubuntu-phone team mailing list archive

Thread
Date

Re: do we have a firewall in the phone?

To: Matthias Apitz <guru@xxxxxxxxxxx>
From: Michał Sawicz <michal.sawicz@xxxxxxxxxxxxx>
Date: Fri, 03 Apr 2015 21:47:33 +0200
Cc: ubuntu-phone <ubuntu-phone@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <20150403194409.GA2547@c720-r276659>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0

W dniu 03.04.2015 o 21:44, Matthias Apitz pisze:
> El día Friday, April 03, 2015 a las 09:32:33PM +0200, Michał Sawicz escribió:
> 
>> W dniu 03.04.2015 o 21:13, Matthias Apitz pisze:
>>> I.e. the phone is completely open on all ports!!! Can I activate and
>>> configure some inbound firewall in the phone?
>>
>> Well, you *opened* that port to listen on, how is that not expected?
> 
> Of course I did, to run this test.
> 
>> Isn't not listening on any outside port better than putting a firewall
>> on the device? If you find a service that is actually listening on the
>> device, that'd definitely be a bug that needs fixing.
> 
> The device is at least (after enabling SSH) listening on port 22.

Yes, after enabling it, which is a developer thing to do.

>> Can you describe an attack vector you're imagining that would require a
>> firewall to be installed on the device?
> 
> The above mentioned port 22 and any other any app may LISTEN on.

Apps are confined, they can not open ports to listen on.

-- 
Michał Sawicz <michal.sawicz@xxxxxxxxxxxxx>
Canonical Ltd.

Attachment: signature.asc
Description: OpenPGP digital signature

Follow ups

Re: do we have a firewall in the phone?
From: Jamie Strandboge, 2015-04-03
Re: do we have a firewall in the phone?
From: Matthias Apitz, 2015-04-03

References

do we have a firewall in the phone?
From: Matthias Apitz, 2015-04-03
Re: do we have a firewall in the phone?
From: Michał Sawicz, 2015-04-03
Re: do we have a firewall in the phone?
From: Matthias Apitz, 2015-04-03