Comment on New bot rules, Lemmy 0.18.3, and a message about alternative Lemmy frontends on lemm.ee
iso@lemy.lol 11 months ago
By self-hosting, you make sure that you keep user data safe. But you are right about possible exploits. I’m currently trying to limit cookies between subdomains.
aCosmicWave@lemm.ee 11 months ago
Even when self hosting, malicious code can still make external calls and ship user data elsewhere if so inclined. At the end of the day, it’s the users choice to share their credentials with a third party frontend and there are risks involved regardless of where it is hosted.