[standards-jig] UPDATED AGAIN: Multi-User Chat, v. 0.4

David Waite mass at akuma.org
Thu Sep 19 16:15:07 CDT 2002


Peter Saint-Andre wrote:

>The existing IQ browse is a security hole and a bug. A useful bug, but a
>bug nonetheless.
>
>The admin will always be able to get the real JID.
>  
>

Which admin - the Room admin, or a Server admin? I would argue that 
creating the room is not sufficient for a user to be able to override my 
privacy settings.

And I believe that the browse function is not a bug, but an explicit 
feature.

-David Waite




More information about the Standards-JIG mailing list