[jdev] Jabber Spoofing on unique server

micky501 at free.fr micky501 at free.fr
Fri Apr 1 08:23:57 CST 2005

> It was me ;)
> It is not complicated (after a bit of tweaking ;)) if you do it from a
> component. Components have special privileges that clients have not
> since they are under the direct control of the server administrator.

I see. Thanks for the explanation. Finally it's not a hack because the component
has the sufficient privileges to do it..

I'm gonna read the jabberd code source to see how the from attribute
verification is done.

Thanks for your help.


More information about the JDev mailing list