We accept some PL event transitions that are maybe unexpected.
Suppose we have a room where:
events."m.room.power_levels" has been lowered to 50 (i.e., "moderators" have been allowed to change the power levels)
users."@mischievous_mod:example.com" is 50 (i.e., they are a moderator)
events_default is 75, so @mischievous_mod (and other users) cannot send arbitrary events.
Now:
@mischievous_mod can add new entries to events, thus allowing themselves (or other users) to send events. This appears to be counter to the spirit of point 10.4.1 of the auth rules:
For each entry being added ... in both the events and users keys: if the current value is higher than the sender’s current power level, reject.
... which seems to seek to prevent the sender of a PL event from controlling the transmission of events that they themselves do not have permission to send.
Conversely, suppose there is an existing entry in events setting "m.room.message": 0. The mischievous moderator can remove this entry, thus changing the required PL for sending such an event to the default (75). This appears to be counter to the spirit of point 10.4.2:
If the new value is higher than the sender’s current power level, reject.
... which seems to seek to prevent the sender of a PL event from preventing other users with the same PL from sending that event.
Suppose now that users_default is 75.
@mischievous_mod can add an entry to the users key demoting another user with a higher power level than themselves.
@mischievous_mod can remove an entry from the users key, promoting another user (or themselves) to a higher power level than their own.
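As an added example (not code from the issue or from the Matrix spec repository), the following Python models the entry-wise checks of auth rule 10.4 for an m.room.power_levels event and adds a defender-side check on effective levels, to show why each transition above is accepted by the rules as written. The room contents, user IDs and function names are constructed for the example; state events are treated like message events (state_default is ignored) for brevity.

```python
# Constructed room from the issue: PL events lowered to 50, the moderator at 50,
# events_default and users_default at 75, and one entry letting everyone send messages.
ROOM = {
    "users": {"@mischievous_mod:example.com": 50, "@admin:example.com": 100},
    "events": {"m.room.power_levels": 50, "m.room.message": 0},
    "events_default": 75, "users_default": 75,
}
MOD = "@mischievous_mod:example.com"
TOP_KEYS = ("users_default", "events_default", "state_default", "ban", "redact", "kick", "invite")

def required_level(content, event_type):
    """Effective level needed to send event_type: its `events` entry, else events_default."""
    return int(content.get("events", {}).get(event_type, content.get("events_default", 0)))

def user_level(content, user_id):
    """Effective level of user_id: its `users` entry, else users_default."""
    return int(content.get("users", {}).get(user_id, content.get("users_default", 0)))

def check_transition(old, new, sender):
    """Entry-wise checks of rules 10.3-10.5. Returns None if old -> new sent by `sender`
    is accepted, else the reason. A missing entry has no current/new value, so only the
    side that exists is compared, which is what lets the issue's transitions through."""
    me = user_level(old, sender)
    if me < required_level(old, "m.room.power_levels"):
        return "sender may not send m.room.power_levels at all"
    sections = [("", {k: old[k] for k in TOP_KEYS if k in old}, {k: new[k] for k in TOP_KEYS if k in new}),
                ("events.", old.get("events", {}), new.get("events", {})),
                ("users.", old.get("users", {}), new.get("users", {}))]
    for prefix, old_map, new_map in sections:
        for entry in sorted(set(old_map) | set(new_map)):
            cur, nxt = old_map.get(entry), new_map.get(entry)
            if cur == nxt:
                continue
            if cur is not None and int(cur) > me:
                return f"{prefix}{entry}: current value {cur} is above the sender's level {me}"
            if nxt is not None and int(nxt) > me:
                return f"{prefix}{entry}: new value {nxt} is above the sender's level {me}"
            if prefix == "users." and entry != sender and cur is not None and int(cur) == me:
                return f"{prefix}{entry}: may not change another user at the sender's own level"
    return None

def effective_escalations(old, new, sender, event_types=(), user_ids=()):
    """Constructed defender-side check the spec rules do not make: report each event type
    or user whose *effective* level changes while either side lies above the sender's level."""
    me = user_level(old, sender)
    found = []
    for label, fn, keys in (("event", required_level, event_types), ("user", user_level, user_ids)):
        for k in keys:
            before, after = fn(old, k), fn(new, k)
            if before != after and max(before, after) > me:
                found.append((label, k, before, after))
    return found
```

A non-empty result from effective_escalations() on a transition that check_transition() accepts is the signature of the four cases described in the issue.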