On Sat, May 07, 2005 at 02:52:57PM +1000, Neil Conway wrote: > > So would you have us disable all the non-essential builtin functions? > (Many of which have has security problems in the past.) What about the > builtin encoding conversions, non-btree indexes, or a myriad of features > that not all users need or use?
This is not really analogous, because those are already on (and in most cases, not easily disabled). What you're arguing for is to add yet another on-by-default feature. Given that there's already a way to turn it on, why make it automatic? Moreover, if some repackager wants to make this more convenient, s/he can do so by turning it on by default. I don't see what's wrong with conservatism here. > What makes sense for the default configuration of an operating system > (which by nature must be hardened against attack) does not necessarily > make sense for a database system. Indeed. But that doesn't mean that the principle isn't sound for both cases. I haven't seen an argument against that yet. A -- Andrew Sullivan | [EMAIL PROTECTED] The plural of anecdote is not data. --Roger Brinner ---------------------------(end of broadcast)--------------------------- TIP 2: you can get off all lists at once with the unregister command (send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])