Comment 9 for bug 1313746

The default could be changed but only for future releases (i.e. this is not a backportable change). That said, I don't think this is a vulnerability: it's a feature with a permissive default value.

If that default value is deemed insecure, the OSSG might want to document it as such in a OSSN. In all cases, I don't think there is much valud in keeping this private. Thoughts ?