|
|
|
|
@ -157,8 +157,8 @@ between `public`, `invite`, and `restricted`.
|
|
|
|
|
## Security considerations
|
|
|
|
|
|
|
|
|
|
The `allow` feature for `join_rules` places increased trust in the servers in the
|
|
|
|
|
room. We consider this acceptable: if you don't want evil servers randomly
|
|
|
|
|
joining spurious users into your rooms, then:
|
|
|
|
|
room. We consider this acceptable: if you don't want evil servers randomly
|
|
|
|
|
joining spurious users into your rooms, then:
|
|
|
|
|
|
|
|
|
|
1. Don't let evil servers in your room in the first place
|
|
|
|
|
2. Don't use `allow` lists, given the expansion increases the attack surface anyway
|
|
|
|
|
@ -193,8 +193,8 @@ to just introduce a a new join rule - `restricted` - as described above.
|
|
|
|
|
|
|
|
|
|
## Future extensions
|
|
|
|
|
|
|
|
|
|
Potential future extensions which should not be designed out
|
|
|
|
|
include, but are not included in this MSC.
|
|
|
|
|
Potential future extensions which should not be designed out include, but are not
|
|
|
|
|
included in this MSC.
|
|
|
|
|
|
|
|
|
|
### Checking space membership over federation
|
|
|
|
|
|
|
|
|
|
|
Patrick Cloke
4 years ago
committed by