[Fwd: AW: admin and user passwords]

[Dave Warren]

> but there is probably a misconception: The client users are not sitting on
> the same client pc, so there is no way to give them restricted user accounts
> on their own machines at home.
>
> My idea was to create some kind of login, that gives all msn, icq, yahoo or
> aol account information during the specified session. I also thought to use
> a server-hosted link to a preset meebo-multimessenger-weblogin, but meebo
> was sold to google and they quit the IM services in 3 days.
>
> The problem is always the same: the one, who holds the startup password for
> pidgin, trillian-astra, gaim and so on, has the power to change the specific
> IM accounts, can rename, disable, steal or whatever he likes to do with
> them. ...

While this is true, what can be done about it? It's not a client 
problem, and therefore not something a client can solve directly.

pidgin needs the same authentication information that the user could use 
to act maliciously, so this isn't something you can solve at the client 
level.

I suspect you'd be better off running your own XMPP server or other 
intermediary and having end users connect to it (knowingly or not -- 
They might use a web interface) or by connecting it to the other 
messenger accounts in some fashion.

-- 
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren