search

matrix-org / synapse

Synapse: Matrix homeserver written in Python/Twisted.
https://matrix-org.github.io/synapse
Apache License 2.0
11.8k stars 2.13k forks source link

We need a way of redacting offensive avatars and displaynames (SYN-566) #1458

Open matrixbot opened 8 years ago

matrixbot commented 8 years ago

Submitted by @​matthew:matrix.org Currently the best you can do is redact the events which introduce the contents onto the timeline. However, the profile data remains intact and so the membership list etc continues as is. Given we have per-room profile data we should use it to redact the information from the room.

(Imported from https://matrix.org/jira/browse/SYN-566)

matrixbot commented 8 years ago

Jira watchers: @ara4n

matrixbot commented 8 years ago

To clarify: the redact API worked as intended (removing human readable contents of a join event: displayname and avatar). However, we have a seperate problem that the redacted data still leaks into the view of the room via the user's global profile data. I am proposing that redacting a this data on a join or profile event should also remove it from the per-room profile data (and that we should implement and uphold per-room profile data). This could be done as a synapse-specific feature for now, hence filing it here rather than blocking it on Matrix spec.

-- @ara4n

MadLittleMods commented 3 years ago

Related to https://github.com/vector-im/element-meta/issues/1858

PC-Admin commented 1 year ago

Okay, here's a decent solution for this that doesn't involve nuking your entire remote media repository:

Example, let's start with the URL of the abusive image in question: https://matrix.perthchat.org/_matrix/media/r0/download/matrix.org/eDmjusOjnHyFPOYGxlrOsULJ

First use the media_id (eDmjusOjnHyFPOYGxlrOsULJ) to find the filesystem_id with an SQL query:

$ /matrix/postgres/bin/cli-non-interactive --dbname=synapse -t -c "SELECT DISTINCT filesystem_id FROM remote_media_cache WHERE media_id = 'eDmjusOjnHyFPOYGxlrOsULJ'" | xargs
ehckzWWeUkDhhPfNFkcfCFNv

Then use that filesystem_id to locate the remote file and all it's thumbnails:

$ ssh matrix.perthchat.org "find /matrix/synapse/storage/media-store/remote_thumbnail/matrix.org/eh/ck/zWWeUkDhhPfNFkcfCFNv -type f -printf '%p\n'"
#/matrix/synapse/storage/media-store/remote_thumbnail/matrix.org/eh/ck/zWWeUkDhhPfNFkcfCFNv/32-32-image-jpeg-crop
#/matrix/synapse/storage/media-store/remote_thumbnail/matrix.org/eh/ck/zWWeUkDhhPfNFkcfCFNv/640-480-image-jpeg-scale
...
$ ssh matrix.perthchat.org "ls /matrix/synapse/storage/media-store/remote_content/matrix.org/eh/ck/zWWeUkDhhPfNFkcfCFNv"
/matrix/synapse/storage/media-store/remote_content/matrix.org/eh/ck/zWWeUkDhhPfNFkcfCFNv

Then zero each file and make it immutable:

$ ssh matrix.perthchat.org "true > /matrix/synapse/storage/media-store/remote_thumbnail/matrix.org/eh/ck/zWWeUkDhhPfNFkcfCFNv/32-32-image-jpeg-crop"
$ ssh matrix.perthchat.org "chattr +i /matrix/synapse/storage/media-store/remote_thumbnail/matrix.org/eh/ck/zWWeUkDhhPfNFkcfCFNv/32-32-image-jpeg-crop"
$ ssh matrix.perthchat.org "true > /matrix/synapse/storage/media-store/remote_thumbnail/matrix.org/eh/ck/zWWeUkDhhPfNFkcfCFNv/640-480-image-jpeg-scale"
$ ssh matrix.perthchat.org "chattr +i /matrix/synapse/storage/media-store/remote_thumbnail/matrix.org/eh/ck/zWWeUkDhhPfNFkcfCFNv/640-480-image-jpeg-scale"
...
$ ssh matrix.perthchat.org "true > /matrix/synapse/storage/media-store/remote_content/matrix.org/eh/ck/zWWeUkDhhPfNFkcfCFNv"
$ ssh matrix.perthchat.org "chattr +i /matrix/synapse/storage/media-store/remote_content/matrix.org/eh/ck/zWWeUkDhhPfNFkcfCFNv"

It's now possible to do all of this easily with my moderation script, first run the 'Redact a room event.' section:

16

Enter the internal id of the room the event is in (Example: !rapAelwZkajRyeZIpm:perthchat.org): !aYcTWHeXeJFQyPrplT:perthchat.org

Enter the event id of the event you wish to redact (Example: $lQT7NYYyVvwoVpZWcj7wceYQqeOzsJg1N6aXIecys4s): $va02kGTlS4zShUWz1e0QdrsDt3r3l9uYwqhhiB-KYPk

Enter the reason you're redacting this content: Evil Clown

Then finally run the 'Delete and block a specific media.' section:

26

Enter the media_id of the media you would like to delete and block on your server. (Example: For this media https://matrix.perthchat.org/_matrix/media/r0/download/matrix.org/eDmjusOjnHyFPOYGxlrOsULJ the media_id is 'eDmjusOjnHyFPOYGxlrOsULJ'): eDmjusOjnHyFPOYGxlrOsULJ

Enter the remote servers URL without the 'https://' (Example: matrix.org): matrix.org

It's that easy! xD