On Sat, May 07, 2005 at 02:52:57PM +1000, Neil Conway wrote:
>
> So would you have us disable all the non-essential builtin functions?
> (Many of which have had security problems in the past.) What about the
> builtin encoding conversions, non-btree indexes, or a myriad of features
> that not all users need or use?

This is not really analogous, because those are already on (and in
most cases, not easily disabled). What you're arguing for is to add
yet another on-by-default feature. Given that there's already a way
to turn it on, why make it automatic? Moreover, if some repackager
wants to make this more convenient, s/he can do so by turning it on
by default. I don't see what's wrong with conservatism here.

> What makes sense for the default configuration of an operating system
> (which by nature must be hardened against attack) does not necessarily
> make sense for a database system.

Indeed. But that doesn't mean that the principle isn't sound for
both cases. I haven't seen an argument against that yet.

A
--
Andrew Sullivan | ajs@crankycanuck.ca
The plural of anecdote is not data. --Roger Brinner