My site is looking for additional background on why EnableGlobalScripts changed defaults at 7.0.x.
The change is documented and Cyber, Markku and others have helped people discover the setting. I understand all that.
What I'm looking for is more information on why the Zabbix developers changed the default for new installs. It's easy to guess that having it disabled is a more secure setting, but the problem is that without additional information about what the potential attack might be, it's very hard to estimate risk. At my site, I trust all my (current) users to not do anything intentionally malicious.
I also understand that providing information about a potential security issue is a balancing act. You don't want to make an attack too obvious or easy, but providing no details makes it impossible for a site admin to assess risk.