this post was submitted on 06 Mar 2024
6 points (87.5% liked)

Bug reports on any software

116 readers
4 users here now

When a bug tracker is inside the exclusive walled-gardens of MS Github or Gitlab.com, and you cannot or will not enter, where do you file your bug report? Here, of course. This is a refuge where you can report bugs that are otherwise unreportable due to technical or ethical constraints.

⚠of course there are no guarantees it will be seen by anyone relevant. Hopefully some kind souls will volunteer to proxy the reports.

founded 3 years ago
MODERATORS
freedomPusher@sopuli.xyz
6
update <Lemmy> security issue: spontaneous access given to admin’s account (sopuli.xyz)
submitted 8 months ago* (last edited 5 months ago) by freedomPusher@sopuli.xyz to c/bugs@sopuli.xyz
16 comments fedilink hide all child comments
 

I think I was refreshing my profile or notifications page (forget which). As it was loading for ~1—2 seconds my screen color theme changed and in the top right corner I saw someone else’s userID, then it quickly reverted back to my theme and userID.

As fast as it happened I only took mental note of the first half of the other userID, which happened to match that of the admin. I described the colors I saw in that 1—2 second timeframe to the admin who confirmed it was indeed the color theme they configured for their environment (which differs from the default).

I clearly had the admin’s session for a second or two. It was so quick that a malicious user probably could not do anything malicious. But of course just as I have no idea how I apparently got the admin’s cookie for a second or two, I have no idea how I got back my cookie. Maybe if I had quickly hit ESC mid-loading the access breach could have been sustained.

#lemmyBug

As usual, this bug report is posted here because the official bug tracker is jailed in MS Github. I should add that Microsoft supports those responsible for the death of Hind Rajab by financing AnyVision, which is good cause to boycott Microsoft.

you are viewing a single comment's thread
view the rest of the comments
[–] QuentinCallaghan@sopuli.xyz 4 points 8 months ago (2 children)

At the time when I got the message, I wasn't doing any kind of tinkering with the instance.

[–] freedomPusher@sopuli.xyz 3 points 8 months ago

To add to that, there was probably at most a few minutes gap between what I experienced and sending the message.

[–] Synnr@sopuli.xyz 3 points 8 months ago* (last edited 8 months ago)

I have seen a caching (I believe) issue on an nginx/Express service where the POST payload was valid but much larger than normally expected, and it returned all of the companies customer's orders in the queue instead of only ours. On refresh, it was fine. It never did get fixed as far as I know as they had trouble reproducing it even though I provided video and steps multiple times. I wasn't able to produce a PoC script because it was linked to the order/payment process, and wouldn't go through twice without payment. I don't know for sure it was a caching issue in the end, but the similarity should be noted.