_haha_oh_wow_,
@_haha_oh_wow_@sh.itjust.works avatar

Attack vectors reduced to 0

hoodlem,

I’m not on Beehaw, but it seems well run based on the decisions they make and who they let in.

Quill7513,

They’re very consistent and predictable in a very good way. I understand the desire to have a more permissive instance at the cost of dealing with some trolls, but I think beehaw does an excellent job of delivering a community that takes the health and safety of the community at large seriously

Maebbie,
@Maebbie@lemmy.ml avatar

now thats how you protest

db0,
@db0@lemmy.dbzer0.com avatar

Funnily enough, beehaw was the most protected from this vuln, as their more stringest application requirements made it unlikely the attacker got in. It also didn’t affect lemmy.dbzer0.com even though our application form is much simpler than theirs.

spiderplant,

Smart move. I’m surprised more instances aren’t doing this.

TheSaneWriter,

For the best. Knowing that this hacking technique is a vulnerability with the Lemmy project as a whole, I think it’s reasonable for instances to temporarily close while a fix is implemented.

SwingingKoala,

How do we know that?

Edit: Seems like github.com/LemmyNet/lemmy-ui/pull/1897/files

neo,
@neo@lemmy.comfysnug.space avatar

There was a big discussion about it in the Admin Chat room on Matrix.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • uselessserver093
  • Food
  • aaaaaaacccccccce
  • [email protected]
  • test
  • CafeMeta
  • testmag
  • MUD
  • RhythmGameZone
  • RSS
  • dabs
  • Socialism
  • KbinCafe
  • TheResearchGuardian
  • oklahoma
  • feritale
  • SuperSentai
  • KamenRider
  • All magazines
    •