-
Notifications
You must be signed in to change notification settings - Fork 385
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MSC4150: m.allow recommendation for moderation policy lists #4150
base: main
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,73 @@ | ||
# MSC4150: `m.allow` recommendation for moderation policy lists | ||
|
||
The [moderation policy lists module] provides data structures to build rule-based moderation features | ||
for Matrix. Each rule in a policy list has a so called recommendation which describes an action to be | ||
taken when the rule matches against a certain subject. | ||
|
||
At the time of writing, the only supported recommendation is [`m.ban`]. This is sufficient for building | ||
block-list moderation tools where every entity is permitted by default and only those entities that match | ||
to rules are denied. | ||
|
||
With only a single recommendation, however, it's not possible to _also_ support allow-list systems where | ||
every entity is denied by default and only those entities that match to rules are permitted. This is | ||
prominently evidenced by the fact that existing moderation tools such as [Mjolnir] and [Draupnir] use a | ||
custom `org.matrix.mjolnir.allow` recommendation[^1][^2] to provide both block-list and allow-list semantics[^3]. | ||
|
||
The proposal at hand attempts to close this gap by standardizing an `m.allow` recommendation. | ||
|
||
|
||
## Proposal | ||
|
||
A new recommendation `m.allow` is introduced. When this recommendation is used, the entities affected by | ||
the rule should be allowed for participation where possible. As with `m.ban`, the enforcement is deliberately | ||
left as an implementation detail. The existing [suggestions] for `m.ban` could simply be inverted, however. | ||
|
||
|
||
## Potential issues | ||
|
||
When both `m.ban` and `m.allow` recommendations are used in the same policy list, confusion could arise if | ||
two rules with opposing recommendations match against an entity. Given that the spec doesn't currently | ||
impose _any_ logic for how policy lists are to be interpreted, it could well leave this question as an | ||
implementation detail, too. | ||
|
||
However, if a resolution is indeed desired, the spec could mandate that `m.ban` rules override `m.allow` | ||
rules but not the other way around. This matches both [Mjolnir's implementation] and the way | ||
[server access control lists] are evaluated. | ||
Comment on lines
+28
to
+35
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I think that we would need to explicitly choose one or the other here to prevent a situation where in future there are distinct clients that implemented them differently, and then some innocent person gets caught in a mess when they mix them without context. Separately, anti-ban is risky and there are other ways of "undoing" a ban (by redacting the policy or replacing the state event with a blank one - which is what Mjolnir and Draupnir do). In the future, I would like consumers of policy lists to also be able to annotate policies with other policies1 2. This would be a way of ignoring/undoing a policy from a list that you are consuming but do not have write access to, which is safer than marking an entity as immune (which is what anti-ban would be). Please also see the details I wrote up for how this is implemented in Mjolnir and Draupnir #4150 (comment) FootnotesThere was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I think I agree but I wonder if then we'd need to turn the spec's current suggesting language on how to interpret policy lists into a prescription? It'd feel slightly off if we were to mandate how |
||
|
||
|
||
## Alternatives | ||
|
||
None that the author could think of. | ||
|
||
|
||
## Security considerations | ||
|
||
None on top of what's already [listed] in the spec. | ||
|
||
|
||
## Unstable prefix | ||
|
||
Until this proposal is accepted into the spec, implementations should refer to `m.allow` as | ||
`org.matrix.mjolnir.allow`. | ||
|
||
|
||
## Dependencies | ||
|
||
None. | ||
|
||
|
||
[^1]: https://github.com/matrix-org/mjolnir/blob/5e35efd1dbc0097a7c19bed2831a1308a29d7be7/src/models/ListRule.ts#L63 | ||
[^2]: https://github.com/Gnuxie/matrix-protection-suite/blob/7fbf691f87056e01de7175b5322b25a901311409/src/PolicyList/PolicyRule.ts#L33 | ||
[^3]: A concrete use case that requires both block-list and allow-list semantics can be found in the | ||
Gematik messenger specification for the healthcare sector in Germany. The latter currently depends | ||
on a custom state event to control invite permissions: | ||
https://github.com/gematik/api-ti-messenger/blob/9b9f21b87949e778de85dbbc19e25f53495871e2/src/schema/permissionConfig.json | ||
|
||
[`m.ban`]: https://spec.matrix.org/v1.10/client-server-api/#mban-recommendation | ||
[listed]: https://spec.matrix.org/v1.10/client-server-api/#security-considerations-16 | ||
[Draupnir]: https://github.com/the-draupnir-project/Draupnir | ||
[Mjolnir]: https://github.com/matrix-org/mjolnir | ||
[Mjolnir's implementation]: https://github.com/matrix-org/mjolnir/blob/5e35efd1dbc0097a7c19bed2831a1308a29d7be7/src/models/AccessControlUnit.ts#L266 | ||
[moderation policy lists module]: https://spec.matrix.org/v1.10/client-server-api/#moderation-policy-lists | ||
[server access control lists]: https://spec.matrix.org/v1.10/client-server-api/#mroomserver_acl | ||
[suggestions]: https://spec.matrix.org/v1.10/client-server-api/#mban-recommendation |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Implementation requirements:
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Doesn't mjolnir satisfy both of these already?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Very possibly, but the implementations would need to be reviewed. Can the original PRs rather than commits be linked on this thread please?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Draupnir publishes the
org.matrix.mjolnir.allow
policies in the appservice admin room to designate the users that have access here via this command.Draupnir consumes them here to enforce access upon invitation of the appservice bot via the same access code as mjolnir.
However, this implementation exists explicitly with the intent that
org.matrix.mjolnir.allow
is only used to describe an entity that is allowed to participate to begin with. That's to say the absence of a policy rule with an allow recommendation for a given entity type requires you to infer that there is a policy rule for that entity type with anentity
field that has the glob value"*"
. Which is a long winded way of saying this is explicitly not an an implementation of a recommendation that performs anti-ban and is not the opposite tom.ban
. This is intended to be the same asallow
from them.room.server_acl
algorithm.[Edit: this comment was written before Travis's reply loaded for me when I refreshed the page, whoops. This is intended to provide context for the MSC]
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The original PR won't be useful, the work was done as part of mjolnir for all in this PR matrix-org/mjolnir#364 1. Mjolnir for all works by using policy lists to describe a set of users who have access to their own personal hosted Mjolnir bot. This policy list is managed with policies that have the
org.matrix.mjolnir.allow
recommendation. The specific commit that introduced the access control mechanism is here but that likely won't be useful matrix-org/mjolnir@074a16b. Mjolnir for all didn't have the commands to manage this list but Draupnir does and the PR to do that is the-draupnir-project/Draupnir#47 (which probably is reviewable - but please note that it will be cleaner and easier to look at Draupnir's code directly, as there have been fundamental changes to Draupnir in this time that significantly improve code quality).That being said, I don't think an appeal to see a PR makes sense. It surely isn't the intention of SCT or other reviewers to review the actual code2? Would it make more sense to ask for documentation that describes the feature?
And for clarity I'm just trying to provide as much context for Mjolnir & Draupnir here, I don't know or care if they meet the requirements of implementation.
Footnotes
Which itself has its own heavy context, and it is a shame that it is missing from the PR itself. ↩
https://spec.matrix.org/proposals/#implementing-a-proposal ↩
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@turt2live do you think the mjolnir implementation is sufficient to move this proposal ahead?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I haven't reviewed the implementations, sorry.