James E. Blair wrote:
I strongly agree with Kris that it is preferable to spend a few more CPU cycles if it reduces the exposure of our systems to attack. Since we've recently found two of the three web scripts in that directory to be vulnerable, I find the trade-off to be very compelling.
I've created a ticket with a patch for this.
+1 from me.