Re: [exim] tainted data issues

Top Page
This message is part of the following thread:
M++--+---+-\the complete thread tree sorted by date
MMM..M-+\M\M\Sebastian Nielsen at <-
MMM+\M\MMMMMMHeiko Schlittermann at ->
Delete this message
Reply to this message
Author: Gregory Edigarov
Date:  
To: exim-users
Subject: Re: [exim] tainted data issues


On 11/10/20 10:37 AM, Julian Bradfield via Exim-users wrote:
> I thought it was standard practice in introducing a new feature that
> causes major breakage to existing installations, to take a three step
> approach. First you provide the feature, and give it an enabling
> switch with three levels "off", "warn but don't error", "on".
> Then in successive releases you change the default value of the
> enabling switch, and ultimately you remove the enabling switch.
>
> I understand that taint protection is considered a security feature,
> but it's a feature exim users have done without for decades, so I
> can't really see that there was a particularly urgent need to
> introduce it in a big bang.
not to say that it was done in incompatible manner,
breaking all configs that was working for years,
and with no way to switch to an old behaviour.

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] tainted data issuesRe: [exim] tainted data issues->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)