1 |
On Fri, Jan 27, 2012 at 3:13 PM, "Paweł Hajdan, Jr." |
2 |
<phajdan.jr@g.o> wrote: |
3 |
> On 1/27/12 8:45 PM, Fabian Groffen wrote: |
4 |
>> Just implement it in a way that people can opt-in/opt-out on it. |
5 |
> |
6 |
> We already have an opt-in (hardened profile), and of course it can be |
7 |
> implemented in a way which allows opt-out (I even mentioned that). |
8 |
> |
9 |
> The main point is changing the default. |
10 |
|
11 |
Well, probably wouldn't hurt to split this out of hardened into |
12 |
something intermediate first. You won't get much testing in hardened |
13 |
on many packages. |
14 |
|
15 |
I agree that changing the default is the long-term solution. Default |
16 |
off to start but have it available on mainstream profiles. Encourage |
17 |
people to use it. Then make it the default but let people opt-out. |
18 |
Then maybe in the long-term future de-support the opt-out if it seems |
19 |
prudent. However, the hardened experience will no doubt help us. |
20 |
|
21 |
Rich |