Comment on New bot rules, Lemmy 0.18.3, and a message about alternative Lemmy frontends on lemm.ee
iso@lemy.lol 2 years ago
By self-hosting, you make sure that you keep user data safe. But you are right about possible exploits. I’m currently trying to limit cookies between subdomains.
aCosmicWave@lemm.ee 2 years ago
Even when self hosting, malicious code can still make external calls and ship user data elsewhere if so inclined. At the end of the day, it’s the users choice to share their credentials with a third party frontend and there are risks involved regardless of where it is hosted.