Enable RTS opts by default with security warning
|Reported by:||EyalLotem||Owned by:|
|Type of failure:||None/Unknown||Test Case:|
|Related Tickets:||Differential Revisions:|
RTS options have security problems. However, disabling them has a lot of downsides.
I propose enabling them by default, with a message like:
"Warning: RTS options are enabled. This has the security implications explained by http://.... To disable RTS options, use -disable-rtsopts. To suppress this warning, use -enable-rtsopts."
This would allow everyone to ignore the warning while in development, or explicitly enable rts opts as they do now. Security-minded projects will not be likely to forget to disable the RTS opts given this warning.