Comment 28 for bug 1784871

Sean McGinnis (sean-mcginnis) wrote :

Yeah, there's been some churn here, so it probably would be good to clarify things.

With the patches that are up right now, we should end up with a single config option called 'sio_allow_non_padded_volumes' that defaults to False. That will make things secure by default but give the deployment an option to enable the previously insecure behavior if they so choose.

We would then backport that new config option back through the stable branches. This will be a change in behavior on upgrade to new stable releases, but it is called out in a release note and they can re-enable the old behavior using the new config option.