Markus Mohrhard wrote:
Can you explain what you had in mind with the config layer idea.
Largely just avoiding duplicated code (no need to xml-parse, do layering etc).
I don't see the values as I doubt many admins will be able to change it and I had hoped that it would be enough to provide a config entry that points the local location of the blacklist.
Well, it's just the principle of least surprise - all standard config deployment/overriding/lockdown mechanisms would then simply work. Also - as always, there'll be at least *one* person wanting to do special magic ... ;)
So if a admin really wants to disable access to it he puts the blacklist in a place where the user can't touch it and lock the setting.
Fair enough. Doesn't make group policies / machine-specific settings extra-easy, but I guess it'll work. Cheers, -- Thorsten
Attachment:
signature.asc
Description: Digital signature