On Tue, 6 Dec 2011 17:01:39 -0500
Josh Boyer <jwboyer(a)redhat.com> wrote:
> > And there is a long history of security bugs being found in
the new
> > and/or infrequently-used modules.
>
> That's probably true. I still wonder if that is common enough to be
> worth the change.
I'm still of the opinion we should just turn them off.
I know we have users who utilize the rose protocol, just for one example.
I don't think we can turn any of them off.
At the same time, we should probably be a bit more judicious about
enabling new drivers. They're normally not all that great in their
first full release, so they should default to off until requested or
proven otherwise.
But how can we tell unless we try them?