Hey all, I’m fairly new to the Fediverse.
I’m just wondering what is preventing mallard from being shared on Lemmy, K.Bin, etc. via images or other embeds? Is there some file vetting happening under the hood?
Duck sharing is prohibited
We’ve been infiltrated.
Lemmy is actually full of quack addicts.
Phew! That’s a load off my mind. I’ve been worried about that for a long time.
Welcome,
There were issues a while back, which were fixed in security patches.
Yes, all your mallards should be thoroughly vetted.
Wasn’t work done not too long ago with emojis or something?
Custom emoji was one, and another one in July(?) was in sidebars not being sanitized
What do you mean by sanitized?
Stripped of executable code. IIRC the issue in particular was that sidebars observed HTML and you could put an iframe with potentially malicious code into them.
Interesting. Once the development of Lemmy slows down a couple years from now it would be interesting to see a video detailing the hiccups around its growth
Hopefully you’re not using an image reader that’s shitty enough to have vulnerabilities like this 🤨
@Synthead Chrome?
I wouldn’t worry about Chrome having vulnerabilities in its image readers.
I would say that a zero-day for chrome would be far too valuable. Except you’re the target of an entity that has a few millions to spare.
deleted by creator
