stanbol-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Reto Bachmann-Gmür <r...@apache.org>
Subject Re: [POLL] make "-no-security" the default
Date Fri, 05 Apr 2013 08:47:35 GMT
Hi Bertrand

This is not about shouting louder but about a concise simile.

Things have been discussed quite extensively in the orginal thread [1] on
enabling security.

To elaborate the smoke detector comparison:
The motivation for enabling security by default (activate the smoke
detector) was that developer see, when their code doesn't work reasonably
in a secure environment such as in an application server (cause of smoke).
The emails we had on the mailing list it show that people are indeed
improving their code (tackling the cause of smoke) because they see the
security issues. I don't remember any mail of a user complaining that they
had to enter a password for a privileged action (this would be: smoke in
the hotel room).

But to come back to the meta-layer, I don't think that I was shouting but
your mail might be seen as FUD. You're taking about your impression without
bringing any evidence supporting your claim. The sentence about being "back
to Stanbol as it worked before" suggest that Stanbol is no longer working,
for this I'd prefer to have issues in Jira rather than this. The last
sentence is a red herring as the point is that module developer make their
modules have sound security constraints and thus work anywhere - not that
people with particular security needs can see how Stanbol fails.

Cheers,
Reto


On Fri, Apr 5, 2013 at 10:09 AM, Bertrand Delacretaz <bdelacretaz@apache.org
> wrote:

> On Fri, Apr 5, 2013 at 9:59 AM, Reto Bachmann-Gmür <reto@wymiwyg.com>
> wrote:
> > This is like disabling the smoke detector,  rather than tackling the
> cause
> > of the smoke...
>
> I would appreciate if we can avoid the "whoever shouts louder wins"
> tactics here.
>
> -Bertrand
>


1.
http://mail-archives.apache.org/mod_mbox/stanbol-dev/201211.mbox/%3CCALvhUEXNFcvNroS=r40cT37d2H+90zvt8X_p8X_gj6mDE7+V3Q@mail.gmail.com%3E

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message