Guillaume MM wrote: > Le 18/07/2017 ?? 23:27, Jean-Marc Lasgouttes a écrit : >> Le 18/07/2017 ?? 23:24, Christian Ridderström a écrit : >>> The threat model is one important aspect, but it's difficult for us to >>> know who uses LyX and in which industries. Or how many users there are at >>> all. And how many of them that use converters. If we can achieve good >>> security we don't need to care about user / usage statistics though. >>> >>> If we talk principles, I think we should aim for really good security and >>> then discuss compromises for what's not doable. But I do think we could >>> do a whole lot better than the current 'needauth'. > > +1
You start driving me to the wall. Where you have been when there was huge discussion about details of these mechanisms with Tommasso? > Meep! Principle 1: "Things don???t become unsafe all by themselves > (Explicit authority)". This means in particular: the secure settings are > the default. Yep. Isn't it the case with needauth right now? Pavel
