On Wed, Nov 28, 2012 at 3:11 PM, Fabian Christ <[email protected] > wrote:
> I want to add: Making this the default would also be contrary to our > discussion about having the security part optional in Stanbol. > I don't see the connection. Even the stable launcher starts with many optional components. The question is not if the modules should be there but if they should be enabled by default if they are there. I think it makes more sense to have an option to disable them rather than needing a command line options to enable modules you've chosen to install (or your launcher contains). If somebody requires the modules then disabling them by mistake can really be a substantial treat to data security and privacy. Reto > > > 2012/11/28 Fabian Christ <[email protected]> > > > Hi, > > > > I am -1 for making this the default. > > > > I would prefer to keep the default really simple. If people want security > > they have to do something for it. This is true for most systems and > > frameworks that I know about. > > > > - Fabian > > > > > > 2012/11/28 Reto Bachmann-Gmür <[email protected]> > > > >> Hi all, > >> > >> Currently stanbol security is only enabled when stanbol is started with > >> the > >> -s option. I think it would be better to start it with security enabled > by > >> default. This follows the "priciple of least damage" as the harm caused > >> when a "disable security" option is forgotten is much smaller than the > >> potential damage when arbitrary users can suddenly act with all > >> privileges. > >> > >> Any objection to such a change? > >> > >> Reto > >> > > > > > > > > -- > > Fabian > > http://twitter.com/fctwitt > > > > > > -- > Fabian > http://twitter.com/fctwitt >
