Tuesday, November 06, 2007

OS X 10.5 Leopard firewall really is broken

I thought the early reports might be exaggerated, but it really is broken:

TidBITS Safe Computing: Leopard Firewall Takes One Step Forward, Three Steps Back

...These are all problems Apple is perfectly capable of fixing and I'll be surprised if they don't address them sooner rather than later. Until then, I still recommend you activate the firewall in Block All Incoming Connections mode so you don't break applications. If you need to enable file sharing or other remote access, you'll need to either select the Set Access method, or turn your firewall off. One last option is to use ipfw and manually configure firewall rules, or use a GUI tool like the free WaterRoof, and skip the Leopard firewall completely. In WaterRoof, just click Rules Sets to pick your rules, and then go to Tools > Startup Script and install a startup script to run those rules when you reboot.

I originally thought I'd go to Leopard with 10.5.1, but now I'm settling in for a significantly longer wait. Maybe 10.5.3. It looks like I was right last February when I guessed they were a year away from ready.

No comments: