2
there's actually two possible issues here
1. a user can upload an image to your XOOPS site using the XOOPS Image Manager (if enabled)
2. a user can
link to an image to be displayed within a message post using either the
icon or by using the [ img ] bbtag (as demonstrated in this text).
if you are talking about preventing #1, go to Administration Menu -> System -> Images and modify each category listed so that only administrators can upload images.
if you are talking about #2, I don't believe there is a way at the moment (without hacking the textsanitizer class). I would recommend adding a feature request for newBB2 at the
newBB Project Page at dev.xoops.org