[Operators] Remove old unused accounts?
Mathias Ertl
mati at fsinf.at
Thu Dec 10 13:19:43 CST 2009
Peter Saint-Andre wrote:
> That said, there is a minor security concern here. MUC rooms and PubSub
> nodes could garbage-collect owners and admins/publishers, just as core
> XMPP services do. This is another reason to put such entities in the
> user's roster.
It wouldn't however be the only one. What happens if, say, some other
mathias.ertl at jabber.org posts a lot of warez (or anything illegal for
that matter... child porn?) into a forum and then also posts his JID for
some reason. Then years later I register that same ID (works, because
the old one has been deleted). Then I apply for a Job somewhere and
someone googles my name... shit just happened :-P
Come to think of it, the same would happen if that other guy still uses
that ID... hmm, maybe its not so much a problem.
greetings, Mati
--
I only read plain text mail! I prefer pgp|gpg signed & encrypted mails!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <http://mail.jabber.org/pipermail/operators/attachments/20091210/743f2983/attachment.pgp>
More information about the Operators
mailing list