m88youngling
commented
1 year ago Great find! Thank you for documenting this!
Open Kee7702 opened 1 year ago
m88youngling
commented
1 year ago Great find! Thank you for documenting this!
Kee7702
commented
1 year ago Great find! Thank you for documenting this!
It's definitely a vulnerability for when this will become a public server, and it was discovered due to a bug. LBP1 did not properly load the image, but for why I'm not sure. Might it be required to convert file formats depending on the game connected to the server?
sudokoko
commented
1 year ago However, storing unused assets would be good for moderation. Would be quite easy to catch anyone uploading inappropriate content. However storing that off-site would be a better way to do this.
m88youngling
commented
1 year ago Good idea. I was told by a rather sus character back in 2021 that this was what the official servers did. Perhaps we could set up a config entry where you can plug in a link for where deleted assets are shipped off to. But, that still doesn't solve the problem of controls to prevent abuse.
One tool already in motion that can help prevent abuse is server-side rate limiting, which is outside the scope of Lighthouse but would in theory protect against people maliciously uploading assets.
sudokoko
commented
1 year ago Good idea. I was told by a rather sus character back in 2021 that this was what the official servers did. Perhaps we could set up a config entry where you can plug in a link for where deleted assets are shipped off to. But, that still doesn't solve the problem of controls to prevent abuse.
One tool already in motion that can help prevent abuse is server-side rate limiting, which is outside the scope of Lighthouse but would in theory protect against people maliciously uploading assets.
You made a good point here. Potentially a limit to how many times you can update your profile picture per 24 hours, a longer-timed version of how Discord does it.
As for deleted asset storage, having configuration options for something like an S3 Bucket would probably work. Will look into it.
Slendy
commented
1 year ago The current functionality of lighthouse is that when a photo is deleted its corresponding resources are also deleted. What can happen though is if that photo was used in other places it can be re-uploaded through other means like publishing levels or setting a profile icon. Edit: I just noticed that this issue is in reference to the custom profile picture feature on the website which doesn't delete old photos
Kee7702
commented
1 year ago The current functionality of lighthouse is that when a photo is deleted its corresponding resources are also deleted. What can happen though is if that photo was used in other places it can be re-uploaded through other means like publishing levels or setting a profile icon. Edit: I just noticed that this issue is in reference to the custom profile picture feature on the website which doesn't delete old photos
Specifically, this issue isn't just in relation to the website. I only found out because I uploaded it through LBP1 due to the file uploaded from the website not loading on LBP1(which is the only issue here relating to the website). It is only observable on the website because I can actually get a file path. The issue also could be useful in some cases, so it definitely should remain an option to keep old assets, but to actually associate them to a user account that can be viewed by a moderator.
TorutheRedFox
commented
1 year ago However, storing unused assets would be good for moderation. Would be quite easy to catch anyone uploading inappropriate content. However storing that off-site would be a better way to do this.
garbage collecting old files could be done too
a way of doing this would be touching the files when a file that's dependent on it gets uploaded or deleted, then checking their modification date upon garbage collection, while keeping a log of dependencies that should be updated as resources dependent on others are uploaded and deleted, with unused and deleted files, which should show whether the file is unused or not, and should be deleted if the last event involving it was more than, say 30 days ago (make it admin configurable) and it's unused
sudokoko
commented
1 year ago Touching back on this, could also be a maintenance routine via the admin panel that can be run at the instance admin's descretion.
Describe the bug When something like a profile picture is uploaded, the old asset isn't deleted. This essentially means that there is a potential for exploits, by rapidly uploading new images.
To Reproduce Steps to reproduce the behavior:
Expected behavior After maybe a few minutes or days it would've been deleted, but it remains on the server.
Screenshots No screenshot, but here's an example. Both /gameAssets/42663ec9c449f964cef4a0fb3b0653ce74c098fe and /gameAssets/a1e4ed63b74a5285958b19a1491142130f476346 were uploaded to the same profile, and 1 of which should now go unused and thus would be wasting storage space.
Game(s) affected
Additional context I had to reupload my profile picture from LBP1 since uploading from the website caused a placeholder image to show on LBP1. Since this affects profile pictures, it is also likely to affect things like shared images and level badges.