Sopuli's Default Community

1329 readers

1 users here now

Community for all jibber-jabber. As this is a hard-coded community for every instance, we may get this doing something useful.

Simple test posts to !test_community@sopuli.xyz

Meta-discussion regarding the instance and support in problem situations !meta@sopuli.xyz

Yhteisö kaikenlaiselle pälätykselle. Koska tämä on kovakoodattu yhteisö jokaiselle instanssille, voimme tehdä tällä ehkä jotain hyödyllistä.

Yksinkertaiset testiviestit mielellään !test_community@sopuli.xyz

Instanssia koskeva metakeskustelu ja tuki ongelmatilanteissa !meta@sopuli.xyz

founded 4 years ago

MODERATORS

QuentinCallaghan@sopuli.xyz

tkk13909@sopuli.xyz

multiple lemmy instances are going down to a js injection or admin password hack (sopuli.xyz)

submitted 2 years ago by wetnoodle@sopuli.xyz to c/main@sopuli.xyz

18 comments fedilink hide all child comments

lemmy.world and lemmy.blahaj.zone got hacked, admins in sopuli.xyz should enforce 2fa for admins and possibly disable/ look into possible injections from the community sidebar

you are viewing a single comment's thread
view the rest of the comments

[–] Nuuskis@sopuli.xyz 9 points 2 years ago (3 children)

So there's no risks for regular users if they get hacked? Asking for learning purposes.

[–] allywilson@sopuli.xyz 4 points 2 years ago (2 children)

Depends on the exploit really, but if they have admin access they have access to the info in your profile, so probably know your email address. I don't know enough about the backend infra to be sure, but I doubt Lemmy stores passwords in plain text in DBs, etc. and although they have admin access, they probably don't have access to the DB (again, a bit unfamiliar with all possibilities, but typically the DB is on a separate container/host/service independant of the frontend).

Does anyone have a link for details on the hack/exploit?

[–] Nuuskis@sopuli.xyz 1 points 2 years ago

Thanks for the explanation!

load more comments (1 replies)