On 11 Aug 99 at 17:27, [EMAIL PROTECTED] wrote:
> Actually, that is so with Licq also, the various linux varieties also allow
> you to add without authorization. IOW, only winblows requires it.
Thats because that Mirabilis have made the authorisation feature
in the client rather then in the server.
Instead of the server requesting authorisation before allowing the
requesting user to see the target user, it is the client which
is checking if authorisation is required. Due to this, a simple
patch can override this feature, or in the case of mICQ and the
rest of the clones, that feature was not included in the first place.
Now thats what I call a security hole.
Or Botton
[EMAIL PROTECTED]
- "Truth is stranger than fiction, because fiction has to make sense."
-----------------------------
http://members.xoom.com/dsdp/
To unsubscribe from SURVPC send a message to [EMAIL PROTECTED] with
unsubscribe SURVPC in the body of the message.
Also, trim this footer from any quoted replies.
