372 lines
11 KiB
Plaintext
372 lines
11 KiB
Plaintext
% layout 'default';
|
|
% title 'UNIX.dog Rules';
|
|
<article>
|
|
<h1>UNIX.dog Rules</h1>
|
|
<p>
|
|
To provide a welcoming space, UNIX.dog needs some rules. (tl;dr don't be an asshole).
|
|
</p>
|
|
<p>
|
|
Please keep in mind that final interpretation of these rules are up to UNIX.dog admins.
|
|
As the server is hosted in St. Louis, United States, by Contabo, all use of UNIX.dog services
|
|
must follow federal law of the U.S. and the
|
|
<a href="https://contabo.com/en/legal/terms-and-conditions/">Contabo terms of service.</a>
|
|
</p>
|
|
<p>
|
|
As noted below, all official communication will come from alpha at unix dot dog or this
|
|
website. As precaution, these communications will be signed with the following GPG key:
|
|
</p>
|
|
<pre>67A3 9437 8618 B72E B4D5 CC69 B0EB E117 49B9 9367</pre>
|
|
<p>
|
|
which can be found hosted <a href="/alpha.asc">here.</a>
|
|
</p>
|
|
|
|
<section>
|
|
<h2>Network Conduct</h2>
|
|
<ol>
|
|
<li>
|
|
Do not impersonate or otherwise deceptively claim yourself as a UNIX.dog admin.
|
|
All official communications will be from alpha at unix dot dog or this website.
|
|
</li>
|
|
<li>
|
|
Do not collect UNIX.dog user data without express
|
|
permission from the administrators or the user in
|
|
question.
|
|
</li>
|
|
<li>Do not use UNIX.dog services for commercial reasons.</li>
|
|
<li>Do not attack, compromise, or disrupt UNIX.dog services with malicious intent.</li>
|
|
<li>Be courteous of the shared resources provided, and be mindful of your time using them.</li>
|
|
</ol>
|
|
</section>
|
|
<section>
|
|
<h2>Personal Conduct</h2>
|
|
<ol>
|
|
<li>Treat every individual with respect and kindness.</li>
|
|
<li>
|
|
Do not use profanity, slurs, or offensive language
|
|
in a way directed maliciously at an individual.
|
|
</li>
|
|
<li>
|
|
Do not discriminate against individuals because of race, religion, nationality,
|
|
membership in a particular social group, or political opinion.
|
|
</li>
|
|
<li>
|
|
Do not bully, harass, or otherwise intimidate or cause emotional harm to
|
|
any individual with malicious intent or via negligence.
|
|
</li>
|
|
</ol>
|
|
</section>
|
|
<section>
|
|
<h2>Content Rules</h2>
|
|
<ol>
|
|
<li>When uploading NSFW, please tag it accordingly.</li>
|
|
<li>Do not upload content that is illegal in the U.S.</li>
|
|
<li>Sexual depictions of children, including artistic depictions, are not allowed.</li>
|
|
</ol>
|
|
</section>
|
|
<section>
|
|
<h2>Moderation Conduct</h2>
|
|
<p>
|
|
Please note that this should apply to both UNIX.dog admins
|
|
and moderators along with moderators of user-created MUCs
|
|
or other groups on UNIX.dog services.
|
|
</p>
|
|
<ol>
|
|
<li>You must not give cruel, unusual, or vindictive punishments to users.</li>
|
|
<li>
|
|
You must give an explicit, unambiguous warning to users before performing
|
|
a privileged action on them, unless it is reasonably determined that they
|
|
are automated.
|
|
</li>
|
|
<li>
|
|
You must also provide an explicit, unambiguous reason and duration
|
|
to the privileged action.
|
|
</li>
|
|
<li>
|
|
You must provide a banned user, after a reasonable cool-down period,
|
|
the ability to exchange external contacts with their peers.
|
|
</li>
|
|
<li>
|
|
No "ex post facto" judgements.
|
|
</li>
|
|
<li>
|
|
Burden of proof is laid on the accuser, not the accused. Please keep this in mind
|
|
when submitting reports.
|
|
</li>
|
|
</ol>
|
|
</section>
|
|
<section>
|
|
<h2>Legal Disclaimer</h2>
|
|
<p>
|
|
THESE SERVICES ARE PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
ADMINISTRATORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
|
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
|
WITH THESE SERVICES OR THE USE OR OTHER DEALINGS IN THESE SERVICES.
|
|
</p>
|
|
</section>
|
|
|
|
<small>These rules inspired by <a href="https://www.nuegia.net/services_draft.xhtml">Nuegia's TOS</a></small>
|
|
|
|
<section>
|
|
<h2>Data & Logging Disclaimers</h2>
|
|
<p>
|
|
This section should be taken as a rough overview and guide as
|
|
to what happens to your data. UNIX.dog does not use your
|
|
data in any commercial capacity, and only stores data
|
|
necessary for service operation or security and auditing.
|
|
</p>
|
|
<p>
|
|
Much of the data is stored unencrypted due to the nature of
|
|
the services provided. Remember that while there are access
|
|
controls, the best way to safeguard your data is to encrypt
|
|
it yourself.
|
|
</p>
|
|
<p>
|
|
If you are concerned or believe that there is something
|
|
missing here, please reach out via email or XMPP.
|
|
</p>
|
|
|
|
<h3>
|
|
Data Accessible to the World
|
|
</h3>
|
|
<p>
|
|
The following data is publicly accessible by anyone with an
|
|
internet connection.
|
|
</p>
|
|
|
|
<h4>LDAP</h4>
|
|
<ul>
|
|
<li>Chosen username.</li>
|
|
<li>Personal information given on the account page.</li>
|
|
<li>SSH public keys.</li>
|
|
<li>Login shell.</li>
|
|
</ul>
|
|
|
|
<h4>XMPP</h4>
|
|
<p>Privacy settings can be configured with supported XMPP
|
|
clients.</p>
|
|
<ul>
|
|
<li>Personal information published on your VCARD.</li>
|
|
<li>Uploaded avatar image.</li>
|
|
<li>Presence information to your subscribed contacts.</li>
|
|
<li>
|
|
Other information exposed by your XMPP client. This can
|
|
include hostname and OS version. Check your XMPP client
|
|
for details.
|
|
</li>
|
|
</ul>
|
|
|
|
<h4>Mumble</h4>
|
|
<ul>
|
|
<li>Chosen username.</li>
|
|
<li>User channel info, if created.</li>
|
|
</ul>
|
|
|
|
<h4>E-Mail</h4>
|
|
<p>
|
|
Filters are not applied to outgoing mail. The following may
|
|
be included in the e-mail headers:
|
|
</p>
|
|
<ul>
|
|
<li>
|
|
Sender IP.
|
|
</li>
|
|
<li>Sender hostname.</li>
|
|
<li>Sender client identification string.</li>
|
|
</ul>
|
|
|
|
<h4>Akkoma</h4>
|
|
<p>Akkoma has built-in privacy settings.</p>
|
|
<ul>
|
|
<li>
|
|
Provided personal information such as display name,
|
|
bio, and profile
|
|
avatar.
|
|
</li>
|
|
<li>Posts and boosts marked as public.</li>
|
|
<li>
|
|
Your social network, i.e. your followers and who you are
|
|
following.
|
|
</li>
|
|
</ul>
|
|
|
|
<h4>IPFS</h4>
|
|
<p>
|
|
Due to the nature of IPFS, uploaded data can be accessed by
|
|
anyone with the CID.
|
|
</p>
|
|
|
|
<h4>Nextcloud</h4>
|
|
<p>Nextcloud has built in privacy settings.</p>
|
|
<ul>
|
|
<li>
|
|
Personal information published on your profile such as
|
|
display name, bio, profile avatar, and more.
|
|
</li>
|
|
<li>Files shared publicly.</li>
|
|
</ul>
|
|
|
|
<h4>Shell access</h4>
|
|
<p>
|
|
Files located under ~/public are accessible to the world, as
|
|
determined by their UNIX permissions.
|
|
</p>
|
|
|
|
<h3>
|
|
Data Accessible to UNIX.dog Users
|
|
</h3>
|
|
<p>
|
|
The following data can be accessed by people with a
|
|
registered UNIX.dog account.
|
|
</p>
|
|
|
|
<h4>Shell access</h4>
|
|
<ul>
|
|
<li>Last login times and IP, via WTMP logs.</li>
|
|
<li>
|
|
Currently open sessions and connection IP, via UTMP
|
|
logs.
|
|
</li>
|
|
<li>
|
|
The home directory has default permissions that let
|
|
others view the list of files, required for the public
|
|
folder to work. If this bothers you, consider changing
|
|
your umask in your shell RC file and storing files in a
|
|
subfolder.
|
|
</li>
|
|
<li>
|
|
Users can send you messages via the write and wall
|
|
commands. Use mesg n to disable.
|
|
</li>
|
|
</ul>
|
|
|
|
<h3>
|
|
Data Accessible to Administrators
|
|
</h3>
|
|
<p>
|
|
The following data is stored on the server, and is thus
|
|
accessible by administrators.
|
|
</p>
|
|
|
|
<h4>HTTP</h4>
|
|
<ul>
|
|
<li>
|
|
Access logs, which include source IP, request headers,
|
|
request path, and time.
|
|
</li>
|
|
<li>
|
|
Request data (i.e. POST or form data) is not
|
|
logged.
|
|
</li>
|
|
</ul>
|
|
|
|
<h4>LDAP</h4>
|
|
<ul>
|
|
<li>Password hashed with Argon2ID.</li>
|
|
</ul>
|
|
|
|
<h4>Akkoma</h4>
|
|
<p>
|
|
ActivityPub is not a secure protocol, and
|
|
should not be used for sensitive communications. Post
|
|
content can be deleted if needed, but posts could still
|
|
exist on other servers because of the nature of federation.
|
|
</p>
|
|
<ul>
|
|
<li>
|
|
Post and DM content, regardless of post visibility
|
|
setting.
|
|
</li>
|
|
<li>Error logs.</li>
|
|
</ul>
|
|
|
|
<h4>XMPP</h4>
|
|
<p>
|
|
If you use OMEMO encryption, message content is encrypted.
|
|
XMPP is also a federated protocol, so your data may be exposed
|
|
and stored on the server of the contacts you communicate with.
|
|
</p>
|
|
<ul>
|
|
<li>Your XMPP roster.</li>
|
|
<li>Uploaded files, published at an obfuscated URL.</li>
|
|
<li>
|
|
Message content, cached for 7 days in MAM, for both
|
|
private messages and group chats (MUCs).
|
|
</li>
|
|
<li>
|
|
Connection and authentication logs, which
|
|
includes connection IP.
|
|
</li>
|
|
</ul>
|
|
|
|
<h4>Legacy service XMPP bridges</h4>
|
|
<p>
|
|
The legacy service XMPP bridges are hosted on a seperate
|
|
server, not woofer.
|
|
</p>
|
|
<ul>
|
|
<li>
|
|
Provided credentials to authorize to the legacy service,
|
|
unencrypted.
|
|
</li>
|
|
<li>
|
|
Legacy contacts, synced to the UNIX.dog XMPP server.
|
|
</li>
|
|
<li>
|
|
Messages are stored unencrypted on the XMPP
|
|
server, and are thus also cached in MAM for 7 days.
|
|
</li>
|
|
</ul>
|
|
|
|
<h4>Forgejo</h4>
|
|
<ul>
|
|
<li>Any uploaded repositories.</li>
|
|
<li>Error logs.</li>
|
|
</ul>
|
|
|
|
<h4>E-Mail</h4>
|
|
<p>
|
|
E-Mail is an unencrypted protocol. Consider using PGP or
|
|
other encryption if you require secure communications.
|
|
</p>
|
|
<ul>
|
|
<li>E-Mail content in your home directory.</li>
|
|
<li>Authentication logs, including connection IP.</li>
|
|
<li>Transport logs, including source and destination address.</li>
|
|
<li>Error logs.</li>
|
|
</ul>
|
|
|
|
<h4>Nextcloud</h4>
|
|
<ul>
|
|
<li>File content.</li>
|
|
<li>Contacts and Calendar content.</li>
|
|
<li>Other data which is uploaded to the Nextcloud server.</li>
|
|
<li>Error logs.</li>
|
|
</ul>
|
|
|
|
<h4>Mumble</h4>
|
|
<ul>
|
|
<li>Client certificate public key, for authorization.</li>
|
|
<li>
|
|
Authentication logs, which include connection IP and
|
|
possibly client OS.
|
|
</li>
|
|
<li>Error logs.</li>
|
|
</ul>
|
|
|
|
<h4>SSH</h4>
|
|
<ul>
|
|
<li>
|
|
Authentication logs, which include connection IP,
|
|
username, and public key (if provided).
|
|
</li>
|
|
</ul>
|
|
|
|
<h4>IPFS Upload Service</h4>
|
|
<ul>
|
|
<li>Pinned CIDs, associated with a user.</li>
|
|
</ul>
|
|
</section>
|
|
</article>
|