I think i came across a bug - I deployed openfire with the spark clients in my company but as the users don’t have the administrative privilages to run the installation files on their desktops I have to install it manuall, from a central location, using “run as” (and my username and password follow).
After the installation is complete, the user logs in and it seems to be fine…however as soon as he tries to add his own avatar - ( Spark->Edit my profile->avatar->browse) suddenly he can browse my documents (administrator’s) instead of theirs!! i believe it’s a serious security issue and i’m actually lucky i saw that happening. The problem is gone only after a user actually logs off from his pc(not only spark) and logs in again.
Is there a patch or something for this problem?