[Nix-dev] Enabling CUPS unconditionally allows UDP/631 on the firewall
Peter Simons
simons at cryp.to
Mon Nov 18 19:42:54 CET 2013
Hi Eelco,
> I've been wanting to enable the firewall by default in NixOS for a
> while (https://github.com/NixOS/nixos/issues/55) and disabling port
> 22 would lock out people who have sshd enabled without having port 22
> opened explicitly in their configuration.nix.
you are right, that would be very bad. So we cannot easily change the
behavior of the current SSH module. We can change the modules
modules/services/printing/cupsd.nix
modules/services/x11/terminal-server.nix
modules/services/networking/minidlna.nix
though, right?
Does anyone see compelling reason not to?
Take care,
Peter
More information about the nix-dev
mailing list