Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MSC2260: Update the auth rules for m.room.aliases events #2260

Closed
wants to merge 9 commits into from
Closed

MSC2260: Update the auth rules for m.room.aliases events #2260

Changes from 2 commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
a80fdff
MSC2260: Update the auth rules for `m.room.aliases` events
richvdh Aug 29, 2019
3ab0b63
add some links
richvdh Aug 29, 2019
9ba4c7f
Update proposals/2260-change-aliases-auth-rules.md
richvdh Aug 29, 2019
5ec80dd
add some more thoughts
richvdh Aug 29, 2019
4d45afd
add some more clarifications
richvdh Aug 30, 2019
ca4aad1
updates
richvdh Sep 2, 2019
21daa6a
Merge branch 'master' into rav/proposal/change_aliases_auth_rules
richvdh Sep 2, 2019
31fa78b
Some clarifications based on feedback
richvdh Jan 8, 2020
784b0e9
Merge remote-tracking branch 'origin/master' into rav/proposal/change…
richvdh Jan 8, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
49 changes: 49 additions & 0 deletions proposals/2260-change-aliases-auth-rules.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
# MSC2260: Update the auth rules for `m.room.aliases` events
richvdh marked this conversation as resolved.
Show resolved Hide resolved

## Background

Currently, `m.room.aliases` is subject to specific [authorization
rules](https://matrix.org/docs/spec/rooms/v1#authorization-rules). When these
rules were introduced, the intention was that `m.room.aliases` would be
maintained as an up-to-date list of the aliases for the room. However, this has
not been successful, and in practice the `m.room.aliases` event tends to drift
out of sync with the aliases (https://github.com/matrix-org/matrix-doc/issues/2262).

Meanwhile, `m.room.aliases` is open to abuse by remote servers who can add spam
or offensive aliases (https://github.com/matrix-org/matrix-doc/issues/625).

## Proposal

`m.room.aliases` exists to advertise the aliases available for a given
room. This is an ability which should be restricted to privileged users in the
room.

Therefore, the special-case for `m.room.aliases` is to be removed from the
[authorization
rules](https://matrix.org/docs/spec/rooms/v1#authorization-rules). `m.room.aliases`
would instead be authorised following the normal rules for state events.
ara4n marked this conversation as resolved.
Show resolved Hide resolved

As a corollary, only users with the power level necessary to send the
`m.room.aliases` state event will be allowed to add entries to the room
directory. Server admins will continue to be able to remove entries from the
directory even if they do not have the right to send the `aliases` event (in
which case the `m.room.aliases` event will become outdated).

It also be logical to allow the contents of `m.room.aliases` events to be
richvdh marked this conversation as resolved.
Show resolved Hide resolved
redacted, as per [MSC2261](https://github.com/matrix-org/matrix-doc/issues/2261).

## Tradeoffs

Perhaps we could instead allow room admins the ability to redact malicious
`aliases` events? Or to issue new ones?

## Potential issues

1. This will bake in https://github.com/matrix-org/synapse/issues/1477 in a way
that cannot be fixed in the case that the server admin doesn't have ops in
the room.

2. This would allow room operators to add 'fake' aliases: for example, I could
create a room and declare one of its aliases to be
`#matrix:matrix.org`. It's not obvious that this will cause any problems in
practice, but it might lead to some confusion.