I know, compile time options are only useful for debug stuff (e.g. --with-rtldebug, --with-dmalloc), external dependencies, and to some extent for things that don't affect functionality (--with-long-long-int). Other than that they're just transitional measures.
But I doubt it's useful to make a runtime option for it; wouldn't surprise me if that gave about the same overhead as the security system itself when it simply isn't used. I think you can test that easily by compiling with --with-security, run the benchmarks and compare to a pike without it.
/ Martin Stjernholm, Roxen IS
Previous text:
2003-04-05 22:47: Subject: pike security (was: sTeam DoS vulnerability (no longer is: Do we have a floatingpoint bug?))
that makes sense, however in order to get this feature out of the experimental stage it may need some more exposure.
who is actually working with this feature at the moment?
could this be turned into an optional runtime option, so that the impact of it being a runtime option that is turned off, can be tested?
in general, compile time options for a compiler/interpreter are a bad idea, as it eventually forces a distributor to provide all variants because some people need the option off, and others need it on.
greetings, martin.
/ Brevbäraren