Re: [exim] tainted data issues

Top Page
This message is part of the following thread:
M++--+---+-\the complete thread tree sorted by date
MMM..M-+\M\M\Mark Elkins at <-
MMM+\M\MMMMMMKai Bojens at ->
Delete this message
Reply to this message
Author: Julian Bradfield
Date:  
To: exim-users
Subject: Re: [exim] tainted data issues
I thought it was standard practice in introducing a new feature that
causes major breakage to existing installations, to take a three step
approach. First you provide the feature, and give it an enabling
switch with three levels "off", "warn but don't error", "on".
Then in successive releases you change the default value of the
enabling switch, and ultimately you remove the enabling switch.

I understand that taint protection is considered a security feature,
but it's a feature exim users have done without for decades, so I
can't really see that there was a particularly urgent need to
introduce it in a big bang.

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] tainted data issuesRe: [exim] tainted data issues->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)