-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 IMHO "expose_account = true" should be the default. If people are using poorly maintained software on a proprietary run time environment, then their admin should explicitly disable this option.
I don't see a security risk here, either. Security through obscurity never worked. Regards Harri -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) iQEcBAEBCAAGBQJSgA1dAAoJEAqeKp5m04HLVRoH/Rb9SX9MoEmEDXPZiCqc5ADp xCOnOKgeu9rerFYp3Cu8hutdfKoKR9saHPzv9tj3VWq5tvdxH14GNZZrqxtPL9Oh veBtEIzV2F13IKMaDoQ0WM6RuXcaEuoTPXA6iBBnROCRYcRTiMvqIaoiyjPsazNj Mg8DZplxwCdK8lz+56rdqG5xIvKBXefKCqeTmG5sK9gY7Hr8HTLnTieojPf0krl0 Bd68UhU1APi+GocB0SYVQ2jiQEAQG56X8rfATOkZ+h+zEuhp+wnwAet9ZLMAhZ99 Zc7zA6uIfPOiU9d5qyd8ze3H0QxHEjsVyA+ylrzzYCdgNLEG5af6DgCBtlLCMjo= =4Mfj -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
