Paul, On 5/9/2016 10:52 AM, Paul Jakma wrote: > On Fri, 6 May 2016, Lou Berger wrote: > >> Actually, as this is a security feature it shouldn't be runtime >> reconfigurable so a program flag is probably more appropriate. > Hmm, I don't think it's a critical security feature.
> We've done without > it for yonks. It is causing a bit of syslog noise though. so let's pick one of the discussed options: command line or configuration flag. > What's the security issue and the threat model? Non-normal-UI > configuration options can be a bit of a pain... I had a customer who would not consider deploying quagga without non-controllable logging of all commands. This was a non-negotiable policy on their side, so either we put it in or we didn't use quagga. Lou > regards, _______________________________________________ Quagga-dev mailing list [email protected] https://lists.quagga.net/mailman/listinfo/quagga-dev
