Le 01/04/2014 16:40, Tomasz Sterna a écrit :
Dnia 2014-04-01, wto o godzinie 15:56 +0200, Sylvain Guglielmi pisze:
Is it safe/better/not a good idea to deactivate the active plugin from
every chain (user_load; user_create; user_delete) ?
It's main function is to drop messages to unexisting users instead of
storing them in offline messages store.
If you remove it, you are potentially vulnerable to DoS attack filling
your offline storage database with messages for bogus users.
Ok, good to know. I'll remove it form the user_load chain and let it be
in the others.
Thanks again.
--
Sylvain "Gugli" Guglielmi
