On Thu, Dec 18, 2008 at 12:51:34PM +0100, Bastien ROUCARIES wrote:
> On Thu, Dec 18, 2008 at 12:35 PM, Bjørn Mork <bm...@dod.no> wrote:
> > Florian Weimer <f...@deneb.enyo.de> writes:
> 
> > I would very much like this library to become the *only* WPAD
> > implementation anywhere.  Hopefully eventually with some ability to
> > define local policies, where the default Debian policy could be very
> > strict.  E.g. "Never trust DNS for WPAD", or "Never use WPAD at all".
> 
> I tend to agree, we have not forbidden root to do rm -arf .
> It is the same, it is a policy problem. With current libproxy, could root
>  forbid the use of WPAD, even if user ask it?

Dan Winship, one of the libproxy authors, replied:

|    - The fact that it's broken doesn't change the fact that lots of
|      sites use it
|
|    - It's already implemented by other programs in the distro anyway
|      (notably Firefox)
|
|    - Its use in libproxy can be disabled system-wide by the
|      administrator
|
|I think in current libproxy WPAD is enabled by default though. We should
|make sure that's changed.


Michael


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to