Comment on New bot rules, Lemmy 0.18.3, and a message about alternative Lemmy frontends on lemm.ee
iso@lemy.lol 1 year ago
By self-hosting, you make sure that you keep user data safe. But you are right about possible exploits. I’m currently trying to limit cookies between subdomains.
aCosmicWave@lemm.ee 1 year ago
Even when self hosting, malicious code can still make external calls and ship user data elsewhere if so inclined. At the end of the day, it’s the users choice to share their credentials with a third party frontend and there are risks involved regardless of where it is hosted.