maltfield

@maltfield@monero.town

I make and sell BusKill laptop kill cords. Monero is accepted.

michaelaltfield.net


maltfield, (edited )

Hi, Michael Altfield here. I was the sysadmin for OSE from 2017-2020.

Everything OSE does is transparent, so you can just check the OSE websites to see what everyone is currently working-on. OSE contributors log their hours in a worklog called “OSE Dev”. There you can quickly see who is working on what.

The above graphs show 4 contributors in the past ~10 weeks (one is me; we had some issues with the apache config recently). There’s no direct link, but you can then check the wiki to see people’s work logs (just search for the person’s name and Log):

I also like to look at the MediaWiki “Recent Changes” page to peek at what people are up-to as well:

I told Marcin about Lemmy back in June 2023. Another OSE contributor even created an OSE community on the slrpnk.net instance, but it appears to have been abandoned. I’ll email him about this thread to see if he’ll bite and publish updates in this community since there’s clearly interest :)

Also, shameless plug: I started an org that’s very similar in spirit to OSE called Eco-Libre, with a focus on projects to sustainably enfranchise human rights in smaller communities. We’re currently accepting volunteers ;)

maltfield,

That would be true if their instance wasn’t federating. If the instance is federating, then it’s downloading content from other users, even if the user isn’t registered on the instance. And that content is publicly available.

So if someone discovers their content on their instance and sends them a GDPR request (eg Erasure), then they are legally required to process it.

maltfield, (edited )

Hi, unfortunate author here 😅

The issue happened in Jerboa. I opened a few tickets in the Jerboa app’s GitHub to address this:

  • jerboa : UI for deleting uploaded files
  • jerboa : Setting to hide "upload media" button
  • jerboa : Add "confirm upload" step to UX

Can you please tell us which Lemmy client apps you use that store the delete token and have a UI to delete uploaded images?

maltfield,

Fortunately, in my case, my image was “orphaned” and never actually attached to a post or comment, so it wouldn’t have federated.

If the image has already federated then that’s a whole next level problem :(

maltfield,

Very nice. Unfortunately it doesn’t look like Boost is available on F-Droid.

maltfield, (edited )

Unfortunately, the Lemmy devs literally said it would take to fix this issue. If you think this should be a priority for them, please advocate for them to prioritize it on GitHub:

maltfield, (edited )

Did you read the article and the feedback that you’ve received from your other users?

Any FOSS platform has capacity issues. I run my own FOSS projects with zero grant funds and where I’m the only developer. I understand this issue.

What we’re talking about here is prioritization. My point is that you should not prioritize “new features” when existing features are a legal, moral, and grave financial risk to your community. And this isn’t just “my priority” – it’s clearly been shown that this is the desired priority of your community.

Please prioritize your GDPR issues.

maltfield, (edited )

Thanks, but I’m asking because I didn’t find the reference documentation especially helpful.

It says I need the “delete token” or “alias”. How do I get that for a given URL?

I’m looking for an example that describes how to construct the commands for the API calls knowing only the URL of the image.

maltfield,

This seems to suggest that you have to get it from lemmy when you first uploaded the image

maltfield, (edited )

This is a big problem. At the time of writing:

  1. Users cannot delete their images on Lemmy
  2. If a user deletes their account, their images don’t get deleted
  3. There is no WUI for admins to delete images on Lemmy
  4. It is very difficult for admins to find & delete images on Lemmy (via the CLI)
  5. The Lemmy team didn’t bother documenting how admins can delete images on Lemmy

How to purge images in Lemmy

pict-rs is a third-party simple image hosting service that runs along-side Lemmy for instances that allow users to upload media.

At the time of writing, there is no WUI for admins to find and delete images. You have to manually query the pict-rs database and execute an API call from the command-line. Worse: Lemmy has no documentation telling instance admins how to delete images 🤦

For the purposes of this example, let's assume you're trying to delete the following image


    https://monero.town/pictrs/image/001665df-3b25-415f-8a59-3d836bb68dd1.webp

There are two API endpoints in pict-rs that can be used to delete an image

Method One: /image/delete/{delete_token}/{alias}

This API call is publicly-accessible, but it first requires you to obtain the image's delete_token

The delete_token is first returned by Lemmy when POSTing to the /pictrs/image endpoint


    {
       "msg":"ok",
       "files":[
          {
             "file":"001665df-3b25-415f-8a59-3d836bb68dd1.webp",
             "delete_token":"d88b7f32-a56f-4679-bd93-4f334764d381"
          }
       ]
    }

Two pieces of information are returned here:

  1. file (aka the "alias") is the server filename of the uploaded image
  2. delete_token is the token needed to delete the image

Of course, if you didn't capture this image's delete_token at upload-time, then you must fetch it from the postgres DB.

First, open a shell on your running postgres container. If you installed Lemmy with docker compose, use docker compose ps to get the "SERVICE" name of your postgres host, and then enter it with docker exec


    docker compose ps --format "table {{.Service}}\t{{.Image}}\t{{.Name}}"
    docker compose exec <docker_service_name> /bin/bash

For example:


    user@host:/home/user/lemmy# docker compose ps --format "table {{.Service}}\t{{.Image}}\t{{.Name}}"
    SERVICE    IMAGE                            NAME
    lemmy      dessalines/lemmy:0.19.3          lemmy-lemmy-1
    lemmy-ui   dessalines/lemmy-ui:0.19.3       lemmy-lemmy-ui-1
    pictrs     docker.io/asonix/pictrs:0.5.4    lemmy-pictrs-1
    postfix    docker.io/mwader/postfix-relay   lemmy-postfix-1
    postgres   docker.io/postgres:15-alpine     lemmy-postgres-1
    proxy      docker.io/library/nginx          lemmy-proxy-1
    user@host:/home/user/lemmy#

    user@host:/home/user/lemmy# docker compose exec postgres /bin/bash
    postgres:/#

Connect to the database as the lemmy user


    psql -U lemmy

For example


    postgres:/# psql -U lemmy
    psql (15.5)
    Type "help" for help.

    lemmy=#

Query for the image by the "alias" (the filename)


    select * from image_upload where pictrs_alias = '<image_filename>';

For example


    lemmy=# select * from image_upload where pictrs_alias = '001665df-3b25-415f-8a59-3d836bb68dd1.webp';
     local_user_id | pictrs_alias | pictrs_delete_token | published 
    ---------------+--------------+---------------------+-----------
    1149 | 001665df-3b25-415f-8a59-3d836bb68dd1.webp | d88b7f32-a56f-4679-bd93-4f334764d381 | 2024-02-07 11:10:17.158741+00
    (1 row)

    lemmy=#

Now, take the pictrs_delete_token from the above output, and use it to delete the image.

The following command should be able to be run on any computer connected to the internet.


    curl -i "https://<instance_domain>/pictrs/image/delete/<pictrs_delete_token>/<image_filename>"

For example:


    user@disp9140:~$ curl -i "https://monero.town/pictrs/image/delete/d88b7f32-a56f-4679-bd93-4f334764d381/001665df-3b25-415f-8a59-3d836bb68dd1.webp"

    HTTP/2 204 No Content
    server: nginx
    date: Fri, 09 Feb 2024 15:37:48 GMT
    vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
    cache-control: private
    referrer-policy: same-origin
    x-content-type-options: nosniff
    x-frame-options: DENY
    x-xss-protection: 1; mode=block
    X-Firefox-Spdy: h2
    user@disp9140:~$

ⓘ Note: If you get an incorrect_login error, then try [a] logging into the instance in your web browser and then [b] pasting the "https://<instance_domain>/pictrs/image/delete/<pictrs_delete_token>/<image_filename>" URL into your web browser.

The image should be deleted.

Method Two: /internal/purge?alias={alias}

Alternatively, you could execute the deletion directly inside the pictrs container. This eliminates the need to fetch the delete_token.

First, open a shell on your running pictrs container. If you installed Lemmy with docker compose, use docker compose ps to get the "SERVICE" name of your postgres host, and then enter it with docker exec


    docker compose ps --format "table {{.Service}}\t{{.Image}}\t{{.Name}}"
    docker compose exec <docker_service_name> /bin/sh

For example:


    user@host:/home/user/lemmy# docker compose ps --format "table {{.Service}}\t{{.Image}}\t{{.Name}}"
    SERVICE    IMAGE                            NAME
    lemmy      dessalines/lemmy:0.19.3          lemmy-lemmy-1
    lemmy-ui   dessalines/lemmy-ui:0.19.3       lemmy-lemmy-ui-1
    pictrs     docker.io/asonix/pictrs:0.5.4    lemmy-pictrs-1
    postfix    docker.io/mwader/postfix-relay   lemmy-postfix-1
    postgres   docker.io/postgres:15-alpine     lemmy-postgres-1
    proxy      docker.io/library/nginx          lemmy-proxy-1
    user@host:/home/user/lemmy#

    user@host:/home/user/lemmy# docker compose exec pictrs /bin/sh
    ~ $

Execute the following command inside the pictrs container.


    wget --server-response --post-data "" --header "X-Api-Token: ${PICTRS__SERVER__API_KEY}" "http://127.0.0.1:8080/internal/purge?alias=<image_filename>"

For example:


    ~ $ wget --server-response --post-data "" --header "X-Api-Token: ${PICTRS__SERVER__API_KEY}" "http://127.0.0.1:8080/internal/purge?alias=001665df-3b25-415f-8a59-3d836bb68dd1.webp"
    Connecting to 127.0.0.1:8080 (127.0.0.1:8080)
    HTTP/1.1 200 OK
    content-length: 67
    connection: close
    content-type: application/json
    date: Wed, 14 Feb 2024 12:56:24 GMT

    saving to 'purge?alias=001665df-3b25-415f-8a59-3d836bb68dd1.webp'
    purge?alias=001665df 100% |*****************************************************************************************************************************************************************************************************************************| 67 0:00:00 ETA
    'purge?alias=001665df-3b25-415f-8a59-3d836bb68dd1.webp' saved

    ~ $

ⓘ Note: There's an error in the pict-rs reference documentation. It says you can POST to /internal/delete, but that just returns 404 Not Found.

The image should be deleted

Further Reading

Unfortunately, it seems that the Lemmy developers are not taking these moral and legal (GDPR) risks seriously (they said it may take years before they address them), and they threatened to ban me for trying to highlight the severity of this risk, get them to tag GDPR-related bugs, and to prioritize them.

  • lemmy : Deleted Account should delete uploaded media (pictures) too
  • lemmy : Users unable to delete their images (pictrs API)
  • lemmy : Unapproved users cannot delete their accounts/data
  • lemmy : Banned users cannot delete their accounts/data
  • lemmy : Create an interface for local users to view and remove images
  • lemmy-ui : Allow users to delete images they uploaded
  • lemmy-ui : Allow admins to view & delete uploaded images
  • lemmy-ui : private_message_disclaimer to include user's matrix handle
  • jerboa : UI for deleting uploaded files
  • jerboa : Setting to hide "upload media" button
  • jerboa : Add "confirm upload" step to UX
  • lemmy-docs : Document image moderation

If GDPR-compliance is important to you on the fediverse, then please provide feedback to the Lemmy developers in the GitHub links above.

Attribution

This comment was copied from the following article: Nightmare on Lemmy Street (A Fediverse GDPR Horror Story)
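
The two methods above, starting from nothing but the image URL, as an added example that is not part of the original comment or of Lemmy or pict-rs. The function names are hypothetical, and the script assumes aliases and delete tokens are UUID-shaped as in the example above; it validates both before placing them into the SQL query, the delete URL or the purge command.

```shell
# Added example: build the pict-rs deletion commands from an image URL alone.
# Assumption: aliases and delete tokens are UUID-shaped, as in the example above.
UUID='[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}'
ALIAS="$UUID\.[a-z0-9]{2,5}"
# matches VALUE REGEX: whole-string match; values with newlines are rejected.
matches() {
    case $1 in *'
'*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eqx "$2"
}

# Print the instance domain of https://<domain>/pictrs/image/<alias>.
host_from_url() {
    rest=${1#https://}
    [ "$rest" != "$1" ] && matches "${rest%%/*}" '[A-Za-z0-9.-]+' || return 1
    printf '%s\n' "${rest%%/*}"
}

# Print the alias (server filename); a query string such as ?thumbnail=256 is dropped.
alias_from_url() {
    host=$(host_from_url "$1") || return 1
    path=${1#https://"$host"}
    path=${path%%\?*}
    name=${path#/pictrs/image/}
    [ "$name" != "$path" ] && matches "$name" "$ALIAS" || return 1
    printf '%s\n' "$name"
}

# SQL for psql: look up the delete token for a validated alias (Method One).
token_query() {
    matches "$1" "$ALIAS" || return 1
    printf "select pictrs_delete_token from image_upload where pictrs_alias = '%s';\n" "$1"
}

# Public delete URL (Method One). Usage: delete_url DOMAIN TOKEN ALIAS
delete_url() {
    matches "$2" "$UUID" && matches "$3" "$ALIAS" || return 1
    printf 'https://%s/pictrs/image/delete/%s/%s\n' "$1" "$2" "$3"
}

# Command to run inside the pictrs container (Method Two).
purge_cmd() {
    matches "$1" "$ALIAS" || return 1
    printf 'wget --server-response --post-data "" --header "X-Api-Token: ${PICTRS__SERVER__API_KEY}" "http://127.0.0.1:8080/internal/purge?alias=%s"\n' "$1"
}

if [ $# -eq 1 ]; then   # usage: sh purge-helper.sh <image_url>
    a=$(alias_from_url "$1") && token_query "$a" && purge_cmd "$a"
fi
```

Run with the image URL as the only argument, it prints the token lookup query and the purge command; `delete_url` is called separately once the token has been read from the database.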
