Here's what I'm aiming for. Getting there slowly - there's a whole lot of code to refactor.
Anmol Sharma
Alexandre Hannud Abdo
Private resources are shared with a "portable_id" (all the identifiers in the example are portable_ids) and these have always been valid across clones. In earlier iterations this was called an 'xchan'. As long as you have the same portable_id, you can view private resources assigned to it. In zot 6.x the xchan is no longer tied to a particular signature algorithm so it is even more portable.
There will eventually be a facility in zot 6.x to link two portable_ids together; providing you have all the keys to perform this operation. Once this happens you can visit a site with portable_id #2 and still access resources that were granted to portable_id #1.
In Zot 1.x we needed to provide all the communication details in the message packet in order to verify the sender and calculate/prove the portable_id. This added a lot of overhead to each message. In Zot 6.x the verification process is done separately. To do this we use a variant of openwebauth (HTTP signatures and webfinger). It's all a lot faster and much less complicated.
The location_id is a portable_id for the site and will change if the site is re-installed. We need this here to block certain classes of forgeries.
There will eventually be a facility in zot 6.x to link two portable_ids together; providing you have all the keys to perform this operation. Once this happens you can visit a site with portable_id #2 and still access resources that were granted to portable_id #1.
In Zot 1.x we needed to provide all the communication details in the message packet in order to verify the sender and calculate/prove the portable_id. This added a lot of overhead to each message. In Zot 6.x the verification process is done separately. To do this we use a variant of openwebauth (HTTP signatures and webfinger). It's all a lot faster and much less complicated.
The location_id is a portable_id for the site and will change if the site is re-installed. We need this here to block certain classes of forgeries.
Haakon Meland Eriksen (Els Mussols)
Alex
Klaus
Koalas
So 30km from here, they're building a housing subdivison on top of a Koala corridor. Koalas are specific about the types of eucalyptus leaves they eat. These only grow along river/stream beds, hence 'corridor'. If you destroy this corridor there is no escape route for the koalas. They need to cross what is essentially a barren desert to them in order to migrate out of the threatened territory. Once the corridor is destroyed, the Campbelltown koala population will vanish. These are the last koalas in the world that are still fertile, because they don't have chlamydia. There are still a few dozen koalas in the southern highlands (on the other side of the Campbelltown corridor) which don't have chlamydia. They are hiding out in the Blue Mountains Heritage Area (across the street from me) and travelling along the last known corridor. There are also a few dozen koalas in Victoria and Queensland, but they have chlamydia and probably won't survive 2-3 more generations. This is it folks. This is the last stand of the koala.
I understand that you may not have any sympathy for an endangered species that is alien to you; seeing as how it only exists on the other side of the world.
A million species are going to be wiped out of existence from the planet earth in the next five years. You're next. Hope you aren't depending on the koalas to protect and defend your corridors.
I understand that you may not have any sympathy for an endangered species that is alien to you; seeing as how it only exists on the other side of the world.
A million species are going to be wiped out of existence from the planet earth in the next five years. You're next. Hope you aren't depending on the koalas to protect and defend your corridors.
Raymond Monret
Jeroen
Hubzilla @ sasiflo
elmussol
Maria Karlsen
This initiative was instituted by local government in response to a state zoning change which opened the region for development. The city of Sydney has nothing to do with it, but we could use their help as well to convince the state leaders to back off and reverse their earlier decisions.
What happened was that some developers convinced the government to build a new Sydney airport at Wilton a few years ago. Then they did a bunch of studies and decided it was a bad idea (probably because of the koalas) and decided to put the airport at the eastern edge of the Blue Mountains instead (facepalm). Meanwhile a lot of people had poured money into Wilton real estate in preparation for making it rich off the airport deal, and they were left hanging. But the land had already been rezoned, so they started calling in the developers. Now that it's zoned for industrial/commercial/residential activity by the state, the local government can't stop the developers moving in without taking the state to court. This might happen.
http://www.engage.wollondilly.nsw.gov.au/assets/pdf/wiltonnewtown/Wilton_Petition_.pdf
https://www.wollondilly.nsw.gov.au/resident-services/environment-and-sustainability/wollondilly-koala-conservation-project-2/
What happened was that some developers convinced the government to build a new Sydney airport at Wilton a few years ago. Then they did a bunch of studies and decided it was a bad idea (probably because of the koalas) and decided to put the airport at the eastern edge of the Blue Mountains instead (facepalm). Meanwhile a lot of people had poured money into Wilton real estate in preparation for making it rich off the airport deal, and they were left hanging. But the land had already been rezoned, so they started calling in the developers. Now that it's zoned for industrial/commercial/residential activity by the state, the local government can't stop the developers moving in without taking the state to court. This might happen.
http://www.engage.wollondilly.nsw.gov.au/assets/pdf/wiltonnewtown/Wilton_Petition_.pdf
https://www.wollondilly.nsw.gov.au/resident-services/environment-and-sustainability/wollondilly-koala-conservation-project-2/
Remember Cheech and Chong?
Sophie
Glad to see you are organized. 
Perhaps a Koala fan page on Hubzilla can source different new items related to this issue?
Perhaps a Koala fan page on Hubzilla can source different new items related to this issue?
i will send this pdf to my friend, she owns like 900 Lush stores in North America and she's on the board of directors for the company. I see there are Lush stores in Australia, at least one in Sydney. It's something they should publicize IMHO. I'm pretty sure She could easily pick up the phone and call whoever owns the stores in australia and make something happen in like 2 minutes. But I cannot promise anything..
LUSH Cosmetics North America
LUSH Cosmetics North America
Welcome to LUSH Cosmetics, North America. We'll take you behind the scenes and into our kitchens, share product how-to's, visit our shops, and keep you up to...
Currently working on the hardest of all nomadic identity problems - what to do if your nomadic identity is hijacked or stolen and you can no longer prove that you are really you. There is no possible automatic solution to this problem. The only thing that will work (to my knowledge) is if you make the hijack claim to all your friends and let them decide whether your new identity is actually you or somebody else; and let them a) accept your new identity as absolute, b) allow both identities to exist until they have more information, or c) reject your claim.
The dilemma is that making such a tool available actually makes it easier to hijack an identity, because anybody off the street can then claim that they're the realDonaldTrump (for instance); with no supporting documentation and force you to decide. But it's absolutely vital that such a tool exists, because Vladimir Putin might have hijacked the account and left poor Donald with no way to babble to his faithful followers.
The dilemma is that making such a tool available actually makes it easier to hijack an identity, because anybody off the street can then claim that they're the realDonaldTrump (for instance); with no supporting documentation and force you to decide. But it's absolutely vital that such a tool exists, because Vladimir Putin might have hijacked the account and left poor Donald with no way to babble to his faithful followers.
Thomas Runge
Brian Christensen
Thorsten
My take on the problem in two parts:
Part 1
First, as I see it, the largest attack surface for identity theft is you having a few clones and then a hub hosting one of your clones getting compromised. In other words, your resilience to occasional system failure should not be directly proportional to your risk of identity theft.
Second, most people can't handle certificates. Moreover, even most people who can, won't. Practice teaches us that somebody else needs to do it for them. In Zot world the entity that handles certificates for you is called a Hub. Moreover, people who can and are willing to handle their own certificates can and likely ultimately will handle their own hub.
This calls for assigning a hub as your one-and-only "trusted hub", which by default would be your "primary hub", but could be set to something different.
The trusted hub is just a hub that holds a "secret key", different from the channel's private key. The secret key isn't transmitted to other hubs upon cloning, nor exported with a channel backup. Ordinarily, it never leaves the trusted hub. (Remember, if you are capable and willing to trust yourself with your secret key, you're probably already running your own hub.)
The secret key has the power to give and revoke the authority of hubs hosting channel clones, beyond regular cloning. This is done by generating a new channel key pair, broadcasting the new public key, and distributing the new private key only to hubs whose clones it recognizes as legitimate. Hubs will in turn recognize and respect the boradcasted channel key change only - or with higher priority - when it is signed by the channel's secret key.
In turn, changing your trusted hub would involve the future trusted hub to generate its own secret key, the public part of the new secret key getting signed with the current trusted hub's secret key and then distributed everywhere.
Now, the scheme as described would allow channels to recover in case of loss of the trusted hub's domain name, and I kinda favor that. Still, one could argue for also keeping track of the trusted hub's domain name and verifying the origin of signed messages so that even a leaked secret wouldn't suffice to take over your identity. This may be of interest to some organisations, so perhaps this could be eventually added as an option.
In either case, really paranoid admins could keep their member's secret keys encrypted or even air gapped and require them to personally contact them to be able to resort to those.
Part 2
I don't think we can do better than this within the platform. Anything else goes into the realm of the particular and it will only cause confusion and facilitate identity theft to automate it. However, we can still do something to alleviate the pain when all your base got usurped despite every precaution.
That would be to allow a channel to declare a list of "conflicting channels". With such lists, if a member has two active channels in his address book where either of them lists the other as conflicting, then both channels' avatar and name, wherever they appear, would give out a signal alerting that there is a conflict claim involving that channel.
Clicking on the signal would take you to a page with details on the claim, like the involved webbies linked to their respective channel home and some directly useful info such as connection date and cloned locations. Plus, general suggestions on how to resolve the conflict, but no automated or guided resolution. Suggestions should instruct members to not trust either side of the claim, and try to find confirmation through the surest of means before deleting or archiving one of the connections.
There is also the case where you request to connect, or receive a connection request, from a channel that would conflict with one already in your address book. Then, the connection page should have an additional step so you can decide not to enact the connection. It would carry a warning and info about the conflict with an existing connection, with similar suggestions as above. Again, no automated or guided resolution. However, you should be able to confirm and connect to the channel should you choose to, for example to communicate with both and make up your mind. In this case, the previous situation would applly.
In any case, there should be no way to ever have two active conflicting channels in your address book without displaying the conflict signal. Perhaps even an undismissable notification is due. Members should get a clear message that there is a serious problem and that they must get rid of either contact.
With this in place, in case even your heavily guarded trusted hub gets pwned, you can set up a new channel and claim a conflict with your old channel. You'd then have to figure out yourself the best way to get the message to your folks in a way that they will trust, and that probably and best involves using means of communication and context beyond the platform itself.
In the particular case where realDonaldTrump gets his secret key stolen and Putin sets up a Zot-authoritative clone at hub.kremlin.ru, the simple fact that the new channel's connection request will raise a conflict with the old one, while having hub.whitehouse.gov as its primary hub, will make everyone but Hillary converge to the right side, keeping the new channel.
Well, that is my long long take. And, of course, there should be no surprise when @Mike Macgirvin comes up with a better idea (-:
Part 1
First, as I see it, the largest attack surface for identity theft is you having a few clones and then a hub hosting one of your clones getting compromised. In other words, your resilience to occasional system failure should not be directly proportional to your risk of identity theft.
Second, most people can't handle certificates. Moreover, even most people who can, won't. Practice teaches us that somebody else needs to do it for them. In Zot world the entity that handles certificates for you is called a Hub. Moreover, people who can and are willing to handle their own certificates can and likely ultimately will handle their own hub.
This calls for assigning a hub as your one-and-only "trusted hub", which by default would be your "primary hub", but could be set to something different.
The trusted hub is just a hub that holds a "secret key", different from the channel's private key. The secret key isn't transmitted to other hubs upon cloning, nor exported with a channel backup. Ordinarily, it never leaves the trusted hub. (Remember, if you are capable and willing to trust yourself with your secret key, you're probably already running your own hub.)
The secret key has the power to give and revoke the authority of hubs hosting channel clones, beyond regular cloning. This is done by generating a new channel key pair, broadcasting the new public key, and distributing the new private key only to hubs whose clones it recognizes as legitimate. Hubs will in turn recognize and respect the boradcasted channel key change only - or with higher priority - when it is signed by the channel's secret key.
In turn, changing your trusted hub would involve the future trusted hub to generate its own secret key, the public part of the new secret key getting signed with the current trusted hub's secret key and then distributed everywhere.
Now, the scheme as described would allow channels to recover in case of loss of the trusted hub's domain name, and I kinda favor that. Still, one could argue for also keeping track of the trusted hub's domain name and verifying the origin of signed messages so that even a leaked secret wouldn't suffice to take over your identity. This may be of interest to some organisations, so perhaps this could be eventually added as an option.
In either case, really paranoid admins could keep their member's secret keys encrypted or even air gapped and require them to personally contact them to be able to resort to those.
Part 2
I don't think we can do better than this within the platform. Anything else goes into the realm of the particular and it will only cause confusion and facilitate identity theft to automate it. However, we can still do something to alleviate the pain when all your base got usurped despite every precaution.
That would be to allow a channel to declare a list of "conflicting channels". With such lists, if a member has two active channels in his address book where either of them lists the other as conflicting, then both channels' avatar and name, wherever they appear, would give out a signal alerting that there is a conflict claim involving that channel.
Clicking on the signal would take you to a page with details on the claim, like the involved webbies linked to their respective channel home and some directly useful info such as connection date and cloned locations. Plus, general suggestions on how to resolve the conflict, but no automated or guided resolution. Suggestions should instruct members to not trust either side of the claim, and try to find confirmation through the surest of means before deleting or archiving one of the connections.
There is also the case where you request to connect, or receive a connection request, from a channel that would conflict with one already in your address book. Then, the connection page should have an additional step so you can decide not to enact the connection. It would carry a warning and info about the conflict with an existing connection, with similar suggestions as above. Again, no automated or guided resolution. However, you should be able to confirm and connect to the channel should you choose to, for example to communicate with both and make up your mind. In this case, the previous situation would applly.
In any case, there should be no way to ever have two active conflicting channels in your address book without displaying the conflict signal. Perhaps even an undismissable notification is due. Members should get a clear message that there is a serious problem and that they must get rid of either contact.
With this in place, in case even your heavily guarded trusted hub gets pwned, you can set up a new channel and claim a conflict with your old channel. You'd then have to figure out yourself the best way to get the message to your folks in a way that they will trust, and that probably and best involves using means of communication and context beyond the platform itself.
In the particular case where realDonaldTrump gets his secret key stolen and Putin sets up a Zot-authoritative clone at hub.kremlin.ru, the simple fact that the new channel's connection request will raise a conflict with the old one, while having hub.whitehouse.gov as its primary hub, will make everyone but Hillary converge to the right side, keeping the new channel.
Well, that is my long long take. And, of course, there should be no surprise when @Mike Macgirvin comes up with a better idea (-:
Jake Moomaw
I like the idea of having a passphrase/secret to lockdown a compomised key. That could be backed up in various ways. Written down and taken away in a steel safe. With this secret you should be able to declare a key as invalid and locked down. So further communication is prohibited and all connections get a warning.
I think there should be no direct renewal option, because the case of a hijacked identity should enforce massive investigation.
I think there should be no direct renewal option, because the case of a hijacked identity should enforce massive investigation.
High Range, Australia, last edited: Sun, 27 May 2018 18:13:45 +1000
Consider that the project that is the gold standard of ActivityPub compatibility (think extinct elephant) doesn't work with Example2, Example3, Example4, or Example5 of the ActivityPub spec. It will reject these activities and silently drop them as "malformed". These four examples describe in detail how basic, simple communications work in ActivityPub.
Charles Roth MPC
Since the heavy lifting is being done in a repository none of you can see, here's what's happening at the moment with zot6.
The basic protocol is just about defined. It's not *too* much different than zot, but there are still substantial changes in the way data is organised and transferred. So far I have only had to add one table column to the database. There will be more.
Sometime in the next week (or so) I expect to be able to connect two channels. The last remaining hurdle is (yet another) permission system upgrade. This is a hard slog as I'm trying to do away with a static permission list completely and let permissions like 'can shave my cat' appear at any time and just work. The current architecture does this but there's a nasty little upgrade process to merge it into the system.
Sometime in the next 2-3 weeks I expect to be able to start sending messages.
On the longer term roadmap and in rough order (I can't define a timeline until the earlier components start to materialise):
- Finish the protocol supporting documentation
- remove bbcode as the base content type
- Release the zot6 base project 'zap' for pioneers to play with
- Strip out everything that isn't a social network suitable for the intellectually challenged and release it as 'denim'.
- add support for the activitystreams data type
- migrate the new protocol to hubzilla
The basic protocol is just about defined. It's not *too* much different than zot, but there are still substantial changes in the way data is organised and transferred. So far I have only had to add one table column to the database. There will be more.
Sometime in the next week (or so) I expect to be able to connect two channels. The last remaining hurdle is (yet another) permission system upgrade. This is a hard slog as I'm trying to do away with a static permission list completely and let permissions like 'can shave my cat' appear at any time and just work. The current architecture does this but there's a nasty little upgrade process to merge it into the system.
Sometime in the next 2-3 weeks I expect to be able to start sending messages.
On the longer term roadmap and in rough order (I can't define a timeline until the earlier components start to materialise):
- Finish the protocol supporting documentation
- remove bbcode as the base content type
- Release the zot6 base project 'zap' for pioneers to play with
- Strip out everything that isn't a social network suitable for the intellectually challenged and release it as 'denim'.
- add support for the activitystreams data type
- migrate the new protocol to hubzilla
Stephan Maus
Waitman Gobble
Mario Vavti
!
Oliver
Sometime in the next 2-3 weeks I expect to be able to start sending messages.Faster than light you are
It just keeps getting better...
(The "from ActivityPub" is leftover code in the ActivityStreams parser that hasn't yet been removed).
So here's why this matters... it's "sort of" like ActivityPub and you can use the same messages and libraries, but with all the goodness of zot (nomadic identity, strong encryption, reliable third-party signatures, minimal and encrypted metadata, none of Mastodon's "quirks" like removing all the interesting HTML tags and generating warnings when you add summaries and forcing you to mention people to deliver anything private to them, as well as the federation benefits of an 'open' network that doesn't block delivery of messages to third parties from authors who use different protocols).
Anyway, there's a lot of work left to do, but that is what I'm up to and this is why I'm doing it.
(The "from ActivityPub" is leftover code in the ActivityStreams parser that hasn't yet been removed).
So here's why this matters... it's "sort of" like ActivityPub and you can use the same messages and libraries, but with all the goodness of zot (nomadic identity, strong encryption, reliable third-party signatures, minimal and encrypted metadata, none of Mastodon's "quirks" like removing all the interesting HTML tags and generating warnings when you add summaries and forcing you to mention people to deliver anything private to them, as well as the federation benefits of an 'open' network that doesn't block delivery of messages to third parties from authors who use different protocols).
Anyway, there's a lot of work left to do, but that is what I'm up to and this is why I'm doing it.
Facebook to change terms of service for Australian users to avoid EU privacy law
The world's largest social network is keen to reduce its exposure to a new European privacy law.
They want European standards for everybody in the world... but just in case that could cost money they move the data to America...
I guess the new terms are something like "We want to protect your data and whatever. Just click ok, we don't care anyway" ;)
I guess the new terms are something like "We want to protect your data and whatever. Just click ok, we don't care anyway" ;)
It goes to show that multi-nationals don't play by the same rules as the rest of us. Despite the claims to the contrary, Australians are considered as Irish in the Facebook ledger because this allows Facebook to not pay any taxes in Australia (literally zero - ever). This came out in questioning by the tax office a few years ago. American taxes are too high so this move is temporary until they convince another country to give them a low tax rate and also shield them from international privacy laws. This isn't too hard if you've got money clout. If I were a Facebook lawyer I'd be bribing talking to North Korea, Somalia, or Cuba.
The duke and duchess of Wild Meadow send their best wishes to the duke and duchess of Sussex. May they live long and prosper.
Manuel
Blue eggs offered as a solution to identify pasture-raised produce
So smaller producers will be able to charge more money. And the big producers will never notice or want to increase their margins. Uh-huh. Got it. Wink.
Smaller producers will think it's a cool egg but the big guys probably wouldn't be interested. So it could naturally become known as a sign of pasture-raised.
So smaller producers will be able to charge more money. And the big producers will never notice or want to increase their margins. Uh-huh. Got it. Wink.
Frank Zappa on The Steve Allen Show March 4, 1963.mp4
Frank promotes his new record How's Your Bird & The Worlds Greatest Sinner movie and then plays a bicycle with Steve. Fun for all.
last edited: Tue, 08 May 2018 17:27:17 +1000
Gorgeous!
Edit: there is Frank Rosolino sitting in in the horn section.
Edit: there is Frank Rosolino sitting in in the horn section.
last edited: Sat, 12 May 2018 05:56:41 +1000
was he clairvoyant writing about 'plastic people' with the currently trendy 'software photo filters'
the first girl i did it with, her father had a great music collection. that's where i first got into MOI and Zappa. A friend of mine bought me Ship Arriving Too Late to Save a Drowning Witch (on vinyl) in the 1980's, it had valley girl and i think Steve Vai on guitar.
the first girl i did it with, her father had a great music collection. that's where i first got into MOI and Zappa. A friend of mine bought me Ship Arriving Too Late to Save a Drowning Witch (on vinyl) in the 1980's, it had valley girl and i think Steve Vai on guitar.
on mother's day (in the USA anyway. mexico was last week and dominican republic is 27th, it's probably different everywhere?) anyway it's MOI day.
this is a great find on youtube. 200 motels promo with soundtrack.
Frank V Zappa's 200 Motels 100 200 MOTELS PROMO
this is a great find on youtube. 200 motels promo with soundtrack.
Frank V Zappa's 200 Motels 100 200 MOTELS PROMO
Promo TV spot for 200 Motels (1971)
Somebody was asking about this recently. The version needs to be updated, and imagick added to apk but otherwise this should get you started.
https://hub.docker.com/r/silviof/hubzilla-docker/
https://hub.docker.com/r/silviof/hubzilla-docker/
Sean Tilley
mrjive
eBay: We are updating our User Privacy Notice
Didn't realise I still had that account. Haven't used it since 1999.
But it's a perfect time to once again roll out this quote by former co-worker Hans Lachman:
Didn't realise I still had that account. Haven't used it since 1999.
But it's a perfect time to once again roll out this quote by former co-worker Hans Lachman:
We've upped our standards. So up yours.
I had to look. Last time I heard from Hans he was a bit of a global wanderer living off the grid in rural China. Now it seems he's a marginally successful Hollywood producer/director. He's got a Mastodon account but hasn't posted since December. Another former co-worker is CTO and co-founder of an AI healthcare startup. Not surprising, but he was also off grid for the better part of 20 years. You couldn't find him on the internet. That's how deep under cover he went. Once you've played a part in changing the world, it kind of stays with you - no matter how much you try to put it behind you.
Apparently carotene affects the kangaroo brain in the same ways as bootleg #homebrew and prolonged exposure to #AC/DC.
'There was a guy who got his stomach gashed open': Carrot-addicted kangaroos attack tourists
'There was a guy who got his stomach gashed open': Carrot-addicted kangaroos attack tourists
Kangaroos at a tourist hotspot are attacking people after becoming addicted to carrots and junk food.
phellmes
If you decide to upgrade to Ubuntu 18.04 LTS and think it might be best to lock the screen in case a kitty cat walks across the keyboard while it's upgrading, DON'T DO IT.
I hope this little tip saves somebody some grief.
I hope this little tip saves somebody some grief.
Gnome3 replacing Unity?
Yeah, and I'm not impressed. There is now a menu bar in addition to the window title bar and this takes up an obscene amount of screen real estate. Meanwhile the scrollbars have shrunk to 3-4 pixels wide and there doesn't seem to be any way to make them more accessible (they used to grow if the mouse got near, now they stay 3-4 pixels wide and are very hard to activate on large screens). Most everything starts off in maximised windows and there's apparently no setting to undo this. Ditto for auto-maximise when you move it within an inch or two of a screen border. There used to be a way to turn off this annoying behaviour, but now it seems we're stuck with it. They reversed the direction of touchpad scrolling - which they insist is "natural" but fortunately you can turn this one off. It may be more natural for people who grew up with smartphones, but isn't natural at all if you've been doing it a different way since touchpads first appeared in 1994.
I had some chance fiddling with gtk's css files and specifically sliders width properties on xfce, but it did not work for all windows though.
Thanks - I'm giving that a try now. To make it consistent it appears you need to apply it to gtk-3.0 and gtk-2.0 and the syntax is a bit different between the two. I'll just try 3.0 now and see how it goes; but first it seems that the lockscreen prevented autoremove of old packages so I've got about 8G of obsolete stuff to clean out.
Important: anonymous comment permission patch
!Hubzilla Support Forum !Hubzilla Announcements
It was brought to our attention that some channels have been configured with anonymous (WordPress style) comment permissions which should not have been. This affects a number of newly created channels.
Step 1:
If you are a hub administrator and are running master (3.2.x), dev (3.5), or 3.4RC, please execute 'git pull' from the project root directory now. If you are running a prior release, this particular issue may not affect you; but you are encouraged to update in any event.
If you are running the dev branch on your site, no further action is necessary.
Step 2:
If your site is running a release or pre-release version such as master (3.2.x) or 3.4RC please change to your project root directory and create a new file using the following code snippet. This file should be named Zotlabs/Module/Fix20180421.php and the text '<?php' should be on the very first line of the file. The capitalisation in the filename is important.
Step 3.
Visit https://macgirvin.com/fix20180421 while logged into the hub administrator account. Note that you will use lowercase for the path here.
You should see the text 'Update has been applied'. When you see this text, from the command shell
% rm Zotlabs/Module/Fix20180421.php
Apologies for the inconvenience.
It was brought to our attention that some channels have been configured with anonymous (WordPress style) comment permissions which should not have been. This affects a number of newly created channels.
Step 1:
If you are a hub administrator and are running master (3.2.x), dev (3.5), or 3.4RC, please execute 'git pull' from the project root directory now. If you are running a prior release, this particular issue may not affect you; but you are encouraged to update in any event.
If you are running the dev branch on your site, no further action is necessary.
Step 2:
If your site is running a release or pre-release version such as master (3.2.x) or 3.4RC please change to your project root directory and create a new file using the following code snippet. This file should be named Zotlabs/Module/Fix20180421.php and the text '<?php' should be on the very first line of the file. The capitalisation in the filename is important.
<?php
namespace Zotlabs\Module;
class Fix20180421 extends \Zotlabs\Web\Controller {
function get() {
if(! is_site_admin())
return;
$r = q("select channel_id from channel where true");
if($r) {
foreach($r as $rv) {
$role = get_pconfig($rv['channel_id'],'system','permissions_role');
if($role !== 'custom') {
$role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($role);
if(array_key_exists('limits',$role_permissions) && array_key_exists('post_comments',$role_permissions['limits'])) {
set_pconfig($rv['channel_id'],'perm_limits','post_comments',$role_permissions['limits']['post_comments']);
}
}
}
}
return 'Update has been applied';
}
}
Step 3.
Visit https://macgirvin.com/fix20180421 while logged into the hub administrator account. Note that you will use lowercase for the path here.
You should see the text 'Update has been applied'. When you see this text, from the command shell
% rm Zotlabs/Module/Fix20180421.php
Apologies for the inconvenience.
M. Dent
Grant Stephenson
Andrew Manning
Erik Lundin
