WARNING: Lemmy Self-Hosters, There Have Been CSAM Attacks taking place against !lemmyshitpost@lemmy.worldlocked
cross-posted from: https://jamie.moe/post/113630
There have been users spamming CSAM content in !lemmyshitpost@lemmy.world causing it to federate to other instances. If your instance is subscribed to this community, you should take action to rectify it immediately. I recommend performing a hard delete via command line on the server.
I deleted every image from the past 24 hours personally, using the following command:
sudo find /srv/lemmy/example.com/volumes/pictrs/files -type f -ctime -1 -exec shred {} \;
Note: Your local jurisdiction may impose a duty to report or other obligations. Check with these, but always prioritize ensuring that the content does not continue to be served.
Update
Apparently the Lemmy Shitpost community is shut down as of now.
You are viewing a single comment
Yup. Nope.
Pictrs is just completely disabled now. Rather be safe, then sorry.
Is this why I couldn't upload a meme to the Lemmy World servers earlier today?
Fuck...
Yeah... Just wow. I disabled pictrs and deleted all its images, which also means all my community images/uploaded images are gone, and it's more of a hassle to see other people's images, but in the end I think it's worth it.
Through caching every image pictrs was also taking up a massive amount of space on my Pi, which I also use for Nextcloud. So that's another plus!
Note, apparently, lemmy will get pretty pissy if pictrs isn't working..... and the "primary" lemmy GUI will straight-up stop working.
Although, https://old.lemmyonline.com/ will still work.
And- I am with you. My pictrs storage, has ended up taking up quite a bit of room.
There has to be a more elegant way of dealing with this in the future, like de-coupling between Lemmy-account hosting (which effectively means acitivypub-fediverse account) and Lemmy-communities hosting.
Is disabling Pictrs as simple as stopping the Docker container?
Yup.
I sent a step further, and commented out the pictrs related configuration from the lemmy.hjson too.
Does that disable image saving and processing for one's instance?
Yup.
So far, mostly everything appears to work still. But, trying to upload an image, just throws an error.
I don't see a way to actually "gracefully" disable it, but, this works.
Edit- don't just stop pictrs.
Lemmy gets very pissy... and b reaks.