“So the panel’s second and third options now have different names to their respective help file.”
Here http://tinyurl.com/2lny55 on the Apple website, it says (and the highlight is mine):
Mac OS X v10.5.1 Update
Application Firewall
CVE-ID: CVE-2007-4702
Available for: Mac OS X v10.5, Mac OS X Server v10.5
Impact: The “Block all incoming connections” setting for the firewall is misleading
Description: The “Block all incoming connections” setting for the Application Firewall allows any process running as user “root” (UID 0) to receive incoming connections, and also allows mDNSResponder to receive connections. This could result in the unexpected exposure of network services. This update addresses the issue by more accurately describing the option as “Allow only essential services, and by limiting the processes permitted to receive incoming connections under this setting to a small fixed set of system services: configd (for DHCP and other network configuration protocols), mDNSResponder (for Bonjour), and racoon (for IPSec). The “Help” content for the Application Firewall is also updated to provide further information. This issue does not affect systems prior to Mac OS X v10.5.
Excellent. So the confusing firewall, which as an aside, I still find less than perfect in terms of the labels that explain it’s three potential settings, is now both improved in technology and in documentation so there will be only as much risk of someone being confused as there was with the Tiger firewall. Er? No. Amazingly, the Mac OS X 10.5.1 update to Leopard now introduces a new piece of confusion. The labels on the firewall panel are now better, room for improvement but better, but now, the new documentation (as per highlight above), contradicts the new firewall.
Where the firewall panel lists:
- Allow all incoming connections
- Allow only essential services
- Set access for specific services and application
The help file, the updated one, remember? Says:
To allow remote connection of all applications and services to this computer, select “Allow all incoming connections.”
To have your firewall prevent connection of all services and applications, select “Block all incoming connections.”
To alter the default firewall connections for an application or service, select “Limit incoming connections to specific services and applications.”
So the panel’s second and third options now have different names to their respective help file.
Nit picking? No. This is an enormous company with a wonderful position and much of the high–ground in terms of design, security, more; when compared to rivals such as Microsoft. Apple has to be professional and polished in it’s output. The above example is one that surely should have been picked up.
