UNIX.dog

UNIX.dog

UNIX.dog Rules

To provide a welcoming space, UNIX.dog needs some rules. (tl;dr don't be an asshole).

Please keep in mind that final interpretation of these rules are up to UNIX.dog admins. As the server is hosted in St. Louis, United States, by Contabo, all use of UNIX.dog services must follow federal law of the U.S. and the Contabo terms of service.

As noted below, all official communication will come from alpha at unix dot dog or this website. As precaution, these communications will be signed with the following GPG key:

67A3 9437 8618 B72E B4D5  CC69 B0EB E117 49B9 9367

which can be found hosted here.

Network Conduct

  1. Do not impersonate or otherwise deceptively claim yourself as a UNIX.dog admin. All official communications will be from alpha at unix dot dog or this website.
  2. Do not collect UNIX.dog user data without express permission from the administrators or the user in question.
  3. Do not use UNIX.dog services for commercial reasons.
  4. Do not attack, compromise, or disrupt UNIX.dog services with malicious intent.
  5. Be courteous of the shared resources provided, and be mindful of your time using them.

Personal Conduct

  1. Treat every individual with respect and kindness.
  2. Do not use profanity, slurs, or offensive language in a way directed maliciously at an individual.
  3. Do not discriminate against individuals because of race, religion, nationality, membership in a particular social group, or political opinion.
  4. Do not bully, harass, or otherwise intimidate or cause emotional harm to any individual with malicious intent or via negligence.

Content Rules

  1. When uploading NSFW, please tag it accordingly.
  2. Do not upload content that is illegal in the U.S.
  3. Sexual depictions of children, including artistic depictions, are not allowed.

Moderation Conduct

Please note that this should apply to both UNIX.dog admins and moderators along with moderators of user-created MUCs or other groups on UNIX.dog services.

  1. You must not give cruel, unusual, or vindictive punishments to users.
  2. You must give an explicit, unambiguous warning to users before performing a privileged action on them, unless it is reasonably determined that they are automated.
  3. You must also provide an explicit, unambiguous reason and duration to the privileged action.
  4. You must provide a banned user, after a reasonable cool-down period, the ability to exchange external contacts with their peers.
  5. No "ex post facto" judgements.
  6. Burden of proof is laid on the accuser, not the accused. Please keep this in mind when submitting reports.

Legal Disclaimer

THESE SERVICES ARE PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE ADMINISTRATORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THESE SERVICES OR THE USE OR OTHER DEALINGS IN THESE SERVICES.

These rules inspired by Nuegia's TOS

Data & Logging Disclaimers

This section should be taken as a rough overview and guide as to what happens to your data. UNIX.dog does not use your data in any commercial capacity, and only stores data necessary for service operation or security and auditing.

Much of the data is stored unencrypted due to the nature of the services provided. Remember that while there are access controls, the best way to safeguard your data is to encrypt it yourself.

If you are concerned or believe that there is something missing here, please reach out via email or XMPP.

Data Accessible to the World

The following data is publicly accessible by anyone with an internet connection.

LDAP

  • Chosen username.
  • Personal information given on the account page.
  • SSH public keys.
  • Login shell.

XMPP

Privacy settings can be configured with supported XMPP clients.

  • Personal information published on your VCARD.
  • Uploaded avatar image.
  • Presence information to your subscribed contacts.
  • Other information exposed by your XMPP client. This can include hostname and OS version. Check your XMPP client for details.

Mumble

  • Chosen username.
  • User channel info, if created.

E-Mail

Filters are not applied to outgoing mail. The following may be included in the e-mail headers:

  • Sender IP.
  • Sender hostname.
  • Sender client identification string.

Akkoma

Akkoma has built-in privacy settings.

  • Provided personal information such as display name, bio, and profile avatar.
  • Posts and boosts marked as public.
  • Your social network, i.e. your followers and who you are following.

IPFS

Due to the nature of IPFS, uploaded data can be accessed by anyone with the CID.

Nextcloud

Nextcloud has built in privacy settings.

  • Personal information published on your profile such as display name, bio, profile avatar, and more.
  • Files shared publicly.

Shell access

Files located under ~/public are accessible to the world, as determined by their UNIX permissions.

Data Accessible to UNIX.dog Users

The following data can be accessed by people with a registered UNIX.dog account.

Shell access

  • Last login times and IP, via WTMP logs.
  • Currently open sessions and connection IP, via UTMP logs.
  • The home directory has default permissions that let others view the list of files, required for the public folder to work. If this bothers you, consider changing your umask in your shell RC file and storing files in a subfolder.
  • Users can send you messages via the write and wall commands. Use mesg n to disable.

Data Accessible to Administrators

The following data is stored on the server, and is thus accessible by administrators.

HTTP

  • Access logs, which include source IP, request headers, request path, and time.
  • Request data (i.e. POST or form data) is not logged.

LDAP

  • Password hashed with Argon2ID.

Akkoma

ActivityPub is not a secure protocol, and should not be used for sensitive communications. Post content can be deleted if needed, but posts could still exist on other servers because of the nature of federation.

  • Post and DM content, regardless of post visibility setting.
  • Error logs.

XMPP

If you use OMEMO encryption, message content is encrypted. XMPP is also a federated protocol, so your data may be exposed and stored on the server of the contacts you communicate with.

  • Your XMPP roster.
  • Uploaded files, published at an obfuscated URL.
  • Message content, cached for 7 days in MAM, for both private messages and group chats (MUCs).
  • Connection and authentication logs, which includes connection IP.

Legacy service XMPP bridges

The legacy service XMPP bridges are hosted on a seperate server, not woofer.

  • Provided credentials to authorize to the legacy service, unencrypted.
  • Legacy contacts, synced to the UNIX.dog XMPP server.
  • Messages are stored unencrypted on the XMPP server, and are thus also cached in MAM for 7 days.

Forgejo

  • Any uploaded repositories.
  • Error logs.

E-Mail

E-Mail is an unencrypted protocol. Consider using PGP or other encryption if you require secure communications.

  • E-Mail content in your home directory.
  • Authentication logs, including connection IP.
  • Transport logs, including source and destination address.
  • Error logs.

Nextcloud

  • File content.
  • Contacts and Calendar content.
  • Other data which is uploaded to the Nextcloud server.
  • Error logs.

Mumble

  • Client certificate public key, for authorization.
  • Authentication logs, which include connection IP and possibly client OS.
  • Error logs.

SSH

  • Authentication logs, which include connection IP, username, and public key (if provided).

IPFS Upload Service

  • Pinned CIDs, associated with a user.