Boinc projects have two configuration flags intended to prevent users from validating their own work. See: Project Configuration

<one_result_per_user_per_wu/>
If set, send at most one instance of a given job to a given user. This increases the effectiveness of replication-based validation by making it more difficult for hackers to get all the instances of a given job.
<one_result_per_host_per_wu/>
If present, send at most one result of a given workunit to a given host. This is weaker than one_result_per_user_per_wu; it's useful if you're using homogeneous redundancy and most of the hosts of a particular class belong to a single user.

If either of these flags are omitted it is possible for a user to validate their own work which leaves the project open to potential abuse.
Project administrators may chose to allow either users or hosts to validate their own work during application testing especially when there are a very small number of hosts contributing to the project.
Any active project with a large number of users should have both of the above flags set to ensure the integrity of their results.

If you are concerned about a project allowing either user or host self-validation you should post in their forums.