why not allow people to check off what modules they want to be installed during /default/ install phase? it should be as simple as scanning modules directory during install and aside from the /must be turned on for system to operate/ modules, the rest should be displayed and given an option to enable during install. making few /advised/ modules more evident than others(perhaps different background on that module's table row) could do the trick.
<br><br><div><span class="gmail_quote">On 9/25/07, <b class="gmail_sendername">Larry Garfield</b> <<a href="mailto:larry@garfieldtech.com">larry@garfieldtech.com</a>> wrote:</span><blockquote class="gmail_quote" style="margin-top: 0; margin-right: 0; margin-bottom: 0; margin-left: 0; margin-left: 0.80ex; border-left-color: #cccccc; border-left-width: 1px; border-left-style: solid; padding-left: 1ex">
<br>On Tue, 25 Sep 2007 23:20:18 +0200, Zohar Stolar <<a href="mailto:stolar@gmail.com">stolar@gmail.com</a>> wrote:<br>><br>> DragonWize wrote:<br>>> I have seen many comments against Matt (not mark), the creator of
<br>>> wordpress<br>><br>> Right, it's Matt, not Mark, sorry for that.<br>><br>><br>>> Before making such wrong statements about someone please do the<br>>> research. Here is the the Matt's comment
<br>>><br>> (<a href="http://groups.google.com/group/wp-hackers/browse_thread/thread/bdced7524fa79a18/2d4e69fb46a6a947#msg_e7794372692b9548">http://groups.google.com/group/wp-hackers/browse_thread/thread/bdced7524fa79a18/2d4e69fb46a6a947#msg_e7794372692b9548
</a>)<br>>> that the article so wrongly butchers it that slashdot has already<br>>> updated the article. There is not even a single instance of the word<br>>> "fork" in the entire thread.<br>> Here is where that word appears, in the same thread :
<br>> <a href="http://groups.google.com/group/wp-hackers/msg/f8b5bc6efc4a4005">http://groups.google.com/group/wp-hackers/msg/f8b5bc6efc4a4005</a><br>><br>> Matt may not be rude, but he is ignoring what Morbus Iff elegantly
<br>> called "people's illusion of privacy and choice".<br>> Users should have the choice to keep their details private. When you<br>> launch an open source project, and distribute it freely, you shouldn't
<br>> expect everyone to tell you exactly HOW they use it.<br>> It's the freedom of choice which brings people to open source CMS, and<br>> the lack of it can scare them away.<br>><br>> The power of Drupal is it's flexibility and the fact that apart from few
<br>> modules that are considered crucial for the system's operation, all the<br>> rest is a matter of choice... even if you choose to be less secured.<br>> opt-in or opt-out - it's the existence of the option that counts.
<br>><br>> (and... if I may.... The freedom of choice is one of the most ancient<br>> theological issues... hasn't it been marked as 'fixed' yet?)<br><br>Dude, we can't even get node 8 to be marked fixed. You expect us to RTBC questions about life philosophy?
<br><br>Seriously though, I think on-by-default is still a good idea for security, but we do need to be clear that it's happening and how it can be disabled. It seems this discussion has now migrated to the issue queue, though, so let's continue there.
<br><br>--Larry Garfield<br><br></blockquote></div><br><br clear="all"><br>-- <br>Oleg Terenchuk <br>Web Manager / Developer<br>Phone: 917 - 306 - 5653