On Tue, Mar 12, 2013 at 12:54 PM, PJ Eby <p...@telecommunity.com> wrote: > This is a rationale for secure defaults for various options, like the > ones I outlined in the portions of my post that you *didn't* quote. > > It's not a rationale for removing the options themselves.
Exactly; thanks for saying this better than I did. As we've seen from the recent Rails security vulnerabilities, secure has to be the default. Users having to explicitly choose the "secure" option is an anti-pattern, with teeth. As long as the default, out-of-the-box behavior is secure it's fine; users who want to run their tools with the "--hack-me-if-you-can" flag will find a way to do so. This isn't about taking away people's options, but about putting secure-by-default tools into the hands people who need them the most. Jacob _______________________________________________ Catalog-SIG mailing list Catalog-SIG@python.org http://mail.python.org/mailman/listinfo/catalog-sig
