Re: [exim] tainted data issues

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Julian Bradfield
Date:  
À: exim-users
Sujet: Re: [exim] tainted data issues
I thought it was standard practice in introducing a new feature that
causes major breakage to existing installations, to take a three step
approach. First you provide the feature, and give it an enabling
switch with three levels "off", "warn but don't error", "on".
Then in successive releases you change the default value of the
enabling switch, and ultimately you remove the enabling switch.

I understand that taint protection is considered a security feature,
but it's a feature exim users have done without for decades, so I
can't really see that there was a particularly urgent need to
introduce it in a big bang.