| 1 |
On Fri, Jan 27, 2012 at 3:13 PM, "Paweł Hajdan, Jr." |
| 2 |
<phajdan.jr@g.o> wrote: |
| 3 |
> On 1/27/12 8:45 PM, Fabian Groffen wrote: |
| 4 |
>> Just implement it in a way that people can opt-in/opt-out on it. |
| 5 |
> |
| 6 |
> We already have an opt-in (hardened profile), and of course it can be |
| 7 |
> implemented in a way which allows opt-out (I even mentioned that). |
| 8 |
> |
| 9 |
> The main point is changing the default. |
| 10 |
|
| 11 |
Well, probably wouldn't hurt to split this out of hardened into |
| 12 |
something intermediate first. You won't get much testing in hardened |
| 13 |
on many packages. |
| 14 |
|
| 15 |
I agree that changing the default is the long-term solution. Default |
| 16 |
off to start but have it available on mainstream profiles. Encourage |
| 17 |
people to use it. Then make it the default but let people opt-out. |
| 18 |
Then maybe in the long-term future de-support the opt-out if it seems |
| 19 |
prudent. However, the hardened experience will no doubt help us. |
| 20 |
|
| 21 |
Rich |
Archives