On Thu, 2022-04-07 at 12:39 +0200, Oliver Falk wrote:

> IMHO, the current solution doesn't really provide more security.

It's about not asking browsers to do third-party requests, which is the
policy for all Debian domains (where possible) and yes isn't a security
issue, but it is a privacy and trust issue.

> Currently, what happens is that the local CGI script is actually
> called with the mail address instead of the hash, which I'd see as a
> bigger issue.

That issue does need to be fixed, yeah; please file a separate bug
report about that issue.

> Note that Libravatar has a privacy policy in
> place: https://www.libravatar.org/privacy/

This privacy policy and your practices are different to Debian's, for
example we don't log IP addresses by default, we don't use cookies or
JavaScript by default, we prefer to use static HTML by default, we have
Tor Onion sites, we delete old logs after a short period of time etc.

> Libravatar is a community driven project with a lot of eyes on it and
> we're fully committed to stay neutral; Read: We're not going to share
> or sell data.

I expect the Libravatar community is definitely trustworthy in general,
but visitors to Debian websites shouldn't have to review the privacy
policies and trustworthiness of third-parties when visiting our sites.

> I do understand people are concerned about privacy - I am too and
> that was one of the reasons why I stepped in as the core maintainer
> when fmarier decided to give up on the project and even added an
> option to proxy requests to Gravatar instead of redirecting.

Thanks for that work, I'm glad Libravatar got rescued!

> Without digging much into it (esp. because I don't have the relevant
> modules + config in place), I'd say the script should work; No idea
> why it's currently throwing a server error.

The script in the git repository has execute permissions, but the
script on the server does not and this is reflected in the server logs.
Other folks on the IRC channel said it has been disabled due to
overloading the server, referring me to previous discussions. 

> > so I'll leave it up to the Debian BTS admins to check and respond
> > and maybe re-enable execution of the script again.
> Thanks for checking!

The Debian BTS admin has confirmed that the script needs fixing:

<dondelelcaro> pabs: yeah, the design of libravatar.cgi needs to be readdressed before it gets re-enabled

-- 
bye,
pabs

https://wiki.debian.org/PaulWise
