Update rules to add data disclaimers.

This commit is contained in:
Citlali del Rey 2024-04-05 19:00:04 -07:00
parent 3cddfc608d
commit 64f14a17ca
Signed by: nullobsi
GPG key ID: 933A1F44222C2634
2 changed files with 228 additions and 18 deletions

View file

@ -9,7 +9,7 @@ body {
min-height: 100vh;
}
h1, h2 {
h2 {
color: #4af626;
}
@ -37,7 +37,7 @@ a:visited {
color: #211c1b;
}
h1, h2 {
h2 {
color: #4c982a;
}

View file

@ -6,7 +6,7 @@
To provide a welcoming space, UNIX.dog needs some rules. (tl;dr don't be an asshole).
</p>
<p>
Please keep in mind that final intepretation of these rules are up to UNIX.dog admins.
Please keep in mind that final interpretation of these rules are up to UNIX.dog admins.
As the server is hosted in St. Louis, United States, by Contabo, all use of UNIX.dog services
must follow federal law of the U.S. and the
<a href="https://contabo.com/en/legal/terms-and-conditions/">Contabo terms of service.</a>
@ -27,7 +27,11 @@
Do not impersonate or otherwise deceptively claim yourself as a UNIX.dog admin.
All official communications will be from alpha at unix dot dog or this website.
</li>
<li>Do not collect UNIX.dog user data without express permission.</li>
<li>
Do not collect UNIX.dog user data without express
permission from the administrators or the user in
question.
</li>
<li>Do not use UNIX.dog services for commercial reasons.</li>
<li>Do not attack, compromise, or disrupt UNIX.dog services with malicious intent.</li>
<li>Be courteous of the shared resources provided, and be mindful of your time using them.</li>
@ -85,7 +89,7 @@
No "ex post facto" judgements.
</li>
<li>
Burden of proof is laid on the accuser, not the accusee. Please keep this in mind
Burden of proof is laid on the accuser, not the accused. Please keep this in mind
when submitting reports.
</li>
</ol>
@ -101,19 +105,225 @@
WITH THESE SERVICES OR THE USE OR OTHER DEALINGS IN THESE SERVICES.
</p>
</section>
<section>
<h2>Logging Disclaimer</h2>
<p>
The following information is collected by the services running on UNIX.dog.
</p>
<ul>
<li>Any content uploaded by users.</li>
</ul>
<h3>Akkoma</h3>
<p>
</p>
</section>
<small>These rules inspired by <a href="https://www.nuegia.net/services_draft.xhtml">Nuegia's TOS</a></small>
<section>
<h2>Data &amp; Logging Disclaimers</h2>
<p>
This section should be taken as a rough overview and guide as
to what happens to your data. UNIX.dog does not use your
data in any commercial capacity, and only stores data
necessary for service operation or security and auditing.
</p>
<p>
If you are concerned or believe that there is something
missing here, please reach out via email or XMPP.
</p>
<p>
The following data is made accessible to the world.
</p>
<h3>LDAP</h3>
<ul>
<li>Chosen username.</li>
<li>Personal information given on the account page.</li>
<li>SSH public keys.</li>
<li>Login shell.</li>
</ul>
<h3>XMPP</h3>
<p>Privacy settings can be configured with supported XMPP
clients.</p>
<ul>
<li>Personal information published on your VCARD.</li>
<li>Uploaded avatar image.</li>
<li>Presence information to your subscribed contacts.</li>
<li>
Other information exposed by your XMPP client. This can
include hostname and OS version. Check your XMPP client
for details.
</li>
</ul>
<h3>Mumble</h3>
<ul>
<li>Chosen username.</li>
<li>User channel info, if created.</li>
</ul>
<h3>E-Mail</h3>
<p>
Filters are not applied to outgoing mail. The following may
be included in the e-mail headers:
</p>
<ul>
<li>
Sender IP.
</li>
<li>Sender hostname.</li>
<li>Sender client identification string.</li>
</ul>
<h3>Akkoma</h3>
<p>Akkoma has built-in privacy settings.</p>
<ul>
<li>
Provided personal information such as display name,
bio, and profile
avatar.
</li>
<li>Posts and boosts marked as public.</li>
<li>
Your social network, i.e. your followers and who you are
following.
</li>
</ul>
<h3>IPFS</h3>
<p>Due to the nature of IPFS, uploaded data can be accessed by
anyone with the CID.</p>
<h3>Nextcloud</h3>
<p>Nextcloud has built in privacy settings.</p>
<ul>
<li>
Personal information published on your profile such as
display name, bio, profile avatar, and more.
</li>
<li>Files shared publicly.</li>
</ul>
<h3>Shell access</h3>
<p>
Files located under ~/public are accessible to the world, as
determined by their UNIX permissions.
</p>
<p>
The following information is stored by the services, and
accessible by users on UNIX.dog.
</p>
<h3>Shell access</h3>
<ul>
<li>Last login times and IP, via WTMP logs.</li>
<li>
Currently open sessions and connection IP, via UTMP
logs.
</li>
<li>
The home directory has default permissions that let
others view the list of files, required for the public
folder to work. If this bothers you, consider changing
your umask in your shell RC file and storing files in a
subfolder.
</li>
<li>
Users can send you messages via the write and wall
commands. Use mesg n to disable.
</li>
</ul>
<p>
The following information is stored by the services, and
accessible to administrators.
</p>
<h3>HTTP</h3>
<p>
The HTTP server stores access logs, including source IP and
headers.
</p>
<h3>LDAP</h3>
<p>
The LDAP server stores no logs. It does store the data
mentioned in previous sections.
</p>
<h3>Akkoma</h3>
<p>
The Akkoma server stores only error logs. Any data uploaded
to the Akkoma server (including post and DM content)
is accessible by administrators. Please
keep in mind that ActivityPub is not a secure protocol, and
should not be used for sensitive communications.
</p>
<h3>XMPP</h3>
<p>If you use OMEMO encryption, message content is encrypted.</p>
<ul>
<li>Your XMPP roster.</li>
<li>Uploaded files are published at an obfuscated URL.</li>
<li>
Message content is cached for 7 days in MAM, for both
private messages and group chats (MUCs).
</li>
<li>
Connection and authentication logs are stored, which
includes connection IP.
</li>
</ul>
<h3>Legacy service XMPP bridges</h3>
<p>The legacy service XMPP bridges are hosted on a seperate
server, not woofer.</p>
<ul>
<li>
Provided credentials to authorize to the legacy service,
unencrypted.
</li>
<li>
Legacy contacts get synced to the UNIX.dog XMPP server.
</li>
</ul>
<h3>Forgejo</h3>
<ul>
<li>Any uploaded repositories.</li>
<li>Error logs.</li>
</ul>
<h3>E-Mail</h3>
<p>
E-Mail is an unencrypted protocol. Consider using PGP or
other encryption if you require secure communications.
</p>
<ul>
<li>E-Mail content in your home directory.</li>
<li>Authentication logs, including connection IP.</li>
<li>Transport logs, including source and destination email.</li>
<li>Error logs.</li>
</ul>
<h3>Nextcloud</h3>
<ul>
<li>File content.</li>
<li>Contacts and Calendar content.</li>
<li>Other data which is uploaded to the Nextcloud server.</li>
<li>Error logs.</li>
</ul>
<h3>Mumble</h3>
<ul>
<li>Client certificate public key, for authorization.</li>
<li>
Authentication logs, which include connection IP and
possibly client OS.
</li>
<li>Error logs.</li>
</ul>
<h3>SSH</h3>
<ul>
<li>
Authentication logs, which include connection IP,
username, and public key (if provided).
</li>
</ul>
<h3>IPFS Upload Service</h3>
<ul>
<li>Pinned CIDs, associated with a user.</li>
</ul>
</section>
</article>