Re: [exim] tainted data issues

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Julian Bradfield
Dátum:  
Címzett: exim-users
Tárgy: Re: [exim] tainted data issues
I thought it was standard practice in introducing a new feature that
causes major breakage to existing installations, to take a three step
approach. First you provide the feature, and give it an enabling
switch with three levels "off", "warn but don't error", "on".
Then in successive releases you change the default value of the
enabling switch, and ultimately you remove the enabling switch.

I understand that taint protection is considered a security feature,
but it's a feature exim users have done without for decades, so I
can't really see that there was a particularly urgent need to
introduce it in a big bang.