What evidence are you basing that on?
From what I read of the article if it was on by default, it does nothing.
When it's on you get the option to create an agent. That's when you need to be careful.
Even so, the current version is off, it has a big warning about the dangers of using it before and during switching it on.
> that makes it easy to give access to an entire library instead of requiring explicit tight scoping of access to individual files is dangerous
Again from the article, the user literally set the access rights of the agent.
What evidence are you basing that on?
From what I read of the article if it was on by default, it does nothing.
When it's on you get the option to create an agent. That's when you need to be careful.
Even so, the current version is off, it has a big warning about the dangers of using it before and during switching it on.
> that makes it easy to give access to an entire library instead of requiring explicit tight scoping of access to individual files is dangerous
Again from the article, the user literally set the access rights of the agent.