Richard Heck wrote: > It's obviously up to you, Scott, as release manager, but I agree with Enrico, > to some extent, that this isn't the best policy. We have spent an enormous > amount of time on this and finally have come to some kind of resolution. It > really would be best to close that part of the debate and spend our time > figuring out how to make the needauth and shell-escape stuff as secure as we > can make it, given the present framework. Time spent re-litigating the > questions about the framework is going to be wasted time.
+1 Pavel
