[Operators] Remove old unused accounts?
stpeter at stpeter.im
Thu Dec 10 13:24:41 CST 2009
On 12/10/09 12:19 PM, Mathias Ertl wrote:
> Peter Saint-Andre wrote:
>> That said, there is a minor security concern here. MUC rooms and PubSub
>> nodes could garbage-collect owners and admins/publishers, just as core
>> XMPP services do. This is another reason to put such entities in the
>> user's roster.
> It wouldn't however be the only one. What happens if, say, some other
> mathias.ertl at jabber.org posts a lot of warez (or anything illegal for
> that matter... child porn?) into a forum and then also posts his JID for
> some reason. Then years later I register that same ID (works, because
> the old one has been deleted). Then I apply for a Job somewhere and
> someone googles my name... shit just happened :-P
> Come to think of it, the same would happen if that other guy still uses
> that ID... hmm, maybe its not so much a problem.
It can happen. Sometimes I receive a request to delete from the archives
at http://logs.jabber.org/ some chatroom messages that someone sent
years ago. However, such events are quite rare.
I don't see that this is any more dangerous than, say, expired domain names.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 6820 bytes
Desc: S/MIME Cryptographic Signature
More information about the Operators