172
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 27 Mar 2024
172 points (100.0% liked)
chapotraphouse
13609 readers
714 users here now
Banned? DM Wmill to appeal.
No anti-nautilism posts. See: Eco-fascism Primer
Slop posts go in c/slop. Don't post low-hanging fruit here.
founded 4 years ago
MODERATORS
There have been several VERY NASTY CVEs since I set up matapacos in 2022.
Remote code execution: https://github.com/mastodon/mastodon/security/advisories/GHSA-9928-3cp5-93fm A.K.A. "Toot Root"
Hijacking user accounts: https://github.com/mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw
Among others (there was at least one more really bad one)
someone smarter than me has the chance to do something extremely funny
I would be hilarious if someone hijacked Trump's account using that vuln
I want to go on record that if Trump suddenly says "I AM YOUR LORD AND SAVIOR OUR BIG WET BOY!" - I had nothing to do with it.
It would be a shame if... you know the thing.
haha jk fbi haha
gaining a web shell on truth.social and using it to run a minecraft server
We’re gonna build a big beautiful realm and make the Cheeto pay for it
I meant it would be a shame if Biden used the computer. Because he's old and you know the thing. I don't want to say it because it could be misconstrued.
I was gonna say, there are probably some spicy remote code execution bugs still alive in there.
This is gonna be another Gab lmao
Gab also is just a de-branded Mastodon fork.
Thank you for maintaining that instance btw
you run matapacos? I've been meaning to join, but haven't bc of the email address requirement. Is there a way around that?
You can just use a disposable email address like I did for my account
Yeah. Email is baked into the software so a throwaway is needed for technical reasons, but only for registration and password recovery. I don't have any e-mail services blocked. You are encouraged to use a throwaway e-mail service unless you want password recovery and (optional) email notifications to work.
Recently we added manual account activation due to a spam wave. You don't have to write an essay outlining your ideological beliefs or anything. It is strictly an anti-bot measure.