[briffle]

Its a university, so more likely "Sysadmins implemented best practices of disabling unapproved macros, but due to an extreme number of complaints from academic staff that all their research would be ruined, had to disable it again."

[iwantagrinder]

So you allow it for those folks and block it for the rest, there will always be edge cases but you need to reduce risk and attack surface. So hopefully they have those academic staff members on record as accepting the risk.

[gruez]

>So hopefully they have those academic staff members on record as accepting the risk.

Then what? Use them as the scapegoat when the network does get compromised? Feels like the exact opposite of blameless postmortems.