|
|
|
|
|
|
by traceroute66
164 days ago
|
|
|
> it can still be enabled? Yes, just like >= 1.86, you set a flag during install. But that's not the point. The point is that >= 1.90.2 it became enabled by default. The point is that most people would expect that "by default" to be a permanent fixture, i.e. a sane secure-by-default config. This means that people with automated deployments based on >= 1.90.2 can no longer rely on the "by default" and this now needs to be flagged. |
|
|
Just a thought.