mirror
/
akkoma
mirror of https://akkoma.dev/AkkomaGang/akkoma
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
akkoma/lib/pleroma/object
History
Oneric 70fe99d196 Prevent key-actor mapping poisoning and key take overs 
Previously there were mainly two attack vectors:
 - for raw keys the owner <-> key mapping wasn't verified at all
 - keys were retrieved with refetching allowed
   and only the top-level ID was sanitised while
   usually keys are but a subobject

This reintroduces public key checks in the user actor,
previously removed in 9728e2f8f7
but now adapted to account for the new mapping mechanism.
 		2025-02-14 22:10:25 +01:00
..
containment.ex Prevent key-actor mapping poisoning and key take overs 2025-02-14 22:10:25 +01:00
fetcher.ex Prevent key-actor mapping poisoning and key take overs 2025-02-14 22:10:25 +01:00
pruner.ex Fixing up deletes a bit (#327) 2022-12-01 15:00:53 +00:00
updater.ex Support elixir1.15 2023-08-03 17:44:09 +01:00