What happens if someone decides to subscribe to a seemingly innocent community that later becomes a target for such content to be posted? Because that’s precisely what happened here.
I mean this very kindly, but seeing that you seem to operate your own instance this very serious misunderstanding of the risks involved with hosting a lemmy instance has me deeply concerned.
Who is that someone? The only one in my instance its me and no one else. My instance only download what its post , commented and upvoted on the instances I subscribed. My instance does not download what others are subscribed on other instances. For example if I am only subscribed to the Lemmy.ml instance I only get what others post on that instance , and if a user from lemmy.ml instance subscribe to a nefarious instance doesn’t mean my instance will get all those nefarious post because I am not federated with that nefarious instance.
But that’s not how these things always work. People will post offending content in seemingly innocuous communities to cause as much destruction as possible.
I understand now I apologized for my previous stupid comments. I was not subscribed to the community that posted that so I think I am good. I am sorry again , I spoke out of ignorance didn’t know what had happened.
Someone could potentially decide to post something like that in a memes community to cause trouble, which would be worrying for a self-hoster like me. My instance isn’t subscribed to anything remotely sketchy, so it sounds like I’m unaffected here, but it could happen.
Ignore the previous, that’s literally what they did. I went in and manually purged it from the command line by removing every image from the last 24 hours. For other lemmy admins wanting to do the same (assuming a standard docker setup): sudo find /srv/lemmy/example.com/volumes/pictrs/files -type f -ctime -1 -execshred {} \;
Thanks, haven’t been on my instance for a few weeks and I come back to this shit show. Bye bye memes of the last two (just to be sure) days. I wonder how I can even prevent that shit from happening again.
If you are the only one using it , and you don’t federate with a instance like that then that its not going to happen.
What happens if someone decides to subscribe to a seemingly innocent community that later becomes a target for such content to be posted? Because that’s precisely what happened here.
I mean this very kindly, but seeing that you seem to operate your own instance this very serious misunderstanding of the risks involved with hosting a lemmy instance has me deeply concerned.
Who is that someone? The only one in my instance its me and no one else. My instance only download what its post , commented and upvoted on the instances I subscribed. My instance does not download what others are subscribed on other instances. For example if I am only subscribed to the Lemmy.ml instance I only get what others post on that instance , and if a user from lemmy.ml instance subscribe to a nefarious instance doesn’t mean my instance will get all those nefarious post because I am not federated with that nefarious instance.
But that’s not how these things always work. People will post offending content in seemingly innocuous communities to cause as much destruction as possible.
I understand now I apologized for my previous stupid comments. I was not subscribed to the community that posted that so I think I am good. I am sorry again , I spoke out of ignorance didn’t know what had happened.
It’s OK. I am deeply disappointed it is now public information, but it is what it is.
Someone could potentially decide to post something like that in a memes community to cause trouble, which would be worrying for a self-hoster like me. My instance isn’t subscribed to anything remotely sketchy, so it sounds like I’m unaffected here, but it could happen.Ignore the previous, that’s literally what they did. I went in and manually purged it from the command line by removing every image from the last 24 hours. For other lemmy admins wanting to do the same (assuming a standard docker setup):
sudo find /srv/lemmy/example.com/volumes/pictrs/files -type f -ctime -1 -exec shred {} \;Thanks, haven’t been on my instance for a few weeks and I come back to this shit show. Bye bye memes of the last two (just to be sure) days. I wonder how I can even prevent that shit from happening again.
This will happen again. We need better moderation tools
There’s services which filter that for you, which you can add to your posting pipeline. Somebody already mentioned cloudflare’s variant
You need to use shred instead of rm. If you use rm the data still lives on your drive until it gets overwritten
I made dedicated posts about it and corrected the mistake there, I missed this comment. Thanks for pointing it out.