Config Defined Admin List #1246

New issue

Closed

opened 2025-12-27 04:55:08 +00:00 by Astralchroma · 0 comments

Astralchroma commented 2025-12-27 04:55:08 +00:00

Copy link

Having the server administrator list be defined by those present in a specific room is problematic as:

• The admin room may be broken, inaccessible, etc leaving an admin without access to commands, some of which may be needed to restore the room.
• Given recent security vulnerabilities it is not out of the question that a user could "break into" the admin room, gaining the access that that entails, and potentially removing legitimate admins from the room.

These two problems can be avoided by having the admin list be defined by config in some way.

I propose the addition of two new config values.

"admins", which is a list of Matrix IDs; any account added to this list will be an admin, regardless of whether they are in the admin room or not.

"admins_from_room" which is a boolean; when true, those in the admin room are granted admin access in addition to the config defined list. When false only the admin list is used.

By default "admins_from_room" is enabled to preserve behavior that everyone has come to expect, and to avoid users getting locked out. However users should be advised to add themself to the admins list, and then disable this option due to the previously mentioned security concern.

Having the server administrator list be defined by those present in a specific room is problematic as: - The admin room may be broken, inaccessible, etc leaving an admin without access to commands, some of which may be needed to restore the room. - Given recent security vulnerabilities it is not out of the question that a user could "break into" the admin room, gaining the access that that entails, and potentially removing legitimate admins from the room. These two problems can be avoided by having the admin list be defined by config in some way. I propose the addition of *two* new config values. "admins", which is a list of Matrix IDs; any account added to this list will be an admin, regardless of whether they are in the admin room or not. "admins_from_room" which is a boolean; when true, those in the admin room are granted admin access *in addition to* the config defined list. When false only the admin list is used. By default "admins_from_room" is enabled to preserve behavior that everyone has come to expect, and to avoid users getting locked out. However users should be advised to add themself to the admins list, and then disable this option due to the previously mentioned security concern.

nex added the

Enhancement

Matrix/Administration

Security

Difficulty

Easy

labels 2025-12-27 04:57:05 +00:00

nex self-assigned this 2025-12-27 04:57:11 +00:00

nex added this to the 0.5.2 milestone 2025-12-27 04:57:12 +00:00

Terryiscool160 referenced this issue from a pull request that will close it, 2025-12-30 23:11:18 +00:00

feat(!1246): Config defined admin list #1253

Jade closed this issue 2025-12-31 19:43:12 +00:00

Jade referenced this issue from a commit 2025-12-31 19:43:13 +00:00

feat: Config defined admin list

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

renovate/rust-patch-updates

renovate/rspress-plugin-preview-2.x-lockfile

renovate/rspress-plugin-client-redirects-2.x-lockfile

renovate/rspress-core-2.x-lockfile

renovate/crate-ci-committed-1.x

ginger/xtask-improvements

jade/improve-admin-config-display

jade/sender-timeouts

aranje/illegal-car-mods

nex/feat/custom-v12-room-ids

ginger/update-metadata

renovate/rand-0.x

renovate/crate-ci-typos-1.x

nex/feat/admin-force-logout

renovate/lddtree-0.x

tom/max-perf-docs

renovate/github-actions-non-major

nex/fix/invalid-appservice-reg

nex/feat/antispam

nex/feat/account-locking

jade/logging-cleanup

jade/remove-legacy-appservice-auth

nex/fix/key-query

jade/update-prek

nex/fix/room-summaries

ginger/restrict-admin-commands

ginger/enable-console-by-default

jade/tag-fixes

jade/otlp

renovate/cargo-bins-cargo-binstall-1.x

nex/meta/pull-req-template

nex/stateres-refactor

nex/fix/fed-invite-compliance

nex/feat/complement

nex/feat/build-commit

nex/feat/join-logging

jade/mailmap-updates

jade/hack-ci-tmp

jade/v12-stable

jade/relations

renovate/axum-monorepo

ginger/database-refactor

jade/fix-ldap-uiaa

nex/fix/validation

ginger/nuke-invalid-msc4133-fields-in-migration

ginger/downgrade-artifact-actions

oddlid/reload-fix

jade/fix-assert

ginger/sync-v3-cleanup

renovate/ruma-digest

ginger/remove-absolute-action-urls

renovate/https-code.forgejo.org-actions-checkout-6.x

renovate/actions-checkout-6.x

jade/website

renovate/https-code.forgejo.org-actions-checkout-digest

nex/fix/backoff

renovate/bytes-1.x-lockfile

ginger/fix-mdbook-for-0.5

ginger/no-docker-on-prs

nex/mods

backport/v0.5.0-rc.8-1

renovate/hyper-1.x-lockfile

nex/fed-improvements

dahsa_uwu/axum-0.8

jade/rust-1.90

jade/mirror-dockerhub

jade/clippy-fixes

jade/fix-support

jade/clean-images

jade/wal-compression-type

jade/flake-clone

ginger/upload-rpms-on-schedule

nex/fix/incoming-fetch

nex/fix/upgrade

tom/ci-fedora-rpm

jade/ci-release-fix

jade/rocksdb-10-5

ginger/fix-msc4133-migration

ginger/migrate-busted-tz

hydra/public

nex/feat/manual-extremities

nex/feat/async-media

nex/feat/fast-joins-hack-do-not-use-DO-NOT-USE

nex/feat/better-logging

trigger-ci-so-latest-isnt-on-illegal-car-mods

nex/feat/pins-backfill

jade/tuwunel-2025-06-old

jade/ai-slop-db-docs

nex/fix-create-auth

jade/version-stats

jade/read-receipts

jade/rust-toolchain-no-targets

jade/logging-features

jade/syncv5-typing

jade/msc2815

jade/purge-sync-tokens

morguldir/see-eye

jade/css-small-screen

nex/wip-751

tuwunel-rebase

test

oddlid/rename-admin-room-bot

strawberry/nix-ci-stuff

strawberry/valgrind

phonemain

strawberry/morgs-snake-sync-jason-main

newer-media-endpoints

folly-coroutines-async-io

federation-retry-timer-port

bad-attempt-at-extracting-homeserver-signing-key

room-deletion-attempt-do-not-use

v0.5.2

v0.5.1

v0.5.0

v0.5.0-rc.8.1

v0.5.0-rc.8

v0.5.0-rc.7

v0.5.0-rc.6

v0.5.0-rc.5

v0.5.0-rc4

v0.5.0-rc3

v0.5.0-rc2

v0.5.0-rc

v0.4.7-rc

v0.4.6

v0.4.6-rc

v0.4.5-rc

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.3.4

v0.3.3

v0.3.2

v0.3.1

v0.3.0

Labels

Clear labels   

Blocked

This pull request or issue is currently blocked from being merged/closed

  

Bug

Something isn't working as intended

  

Cherry-picking

Commits picked from other conduit projects

  

Database

This requires or includes changes to the database

  

Dependencies

Something dependency related

  

Dependencies/Renovate

Automatic dependency upgrades by Renovate

  

Difficulty

Easy

Low difficulty to implement - touches few parts of the codebase, low complexity

  

Difficulty

Hard

High difficulty to implement - touches many parts of the codebase, high complexity

  

Difficulty

Medium

Medium difficulty to implement - touches more parts of the codebase, higher complexity

  

Documentation

Improvements or additions to documentation

  

Enhancement

New feature or request

  

Good first issue

Good for newcomers

  

Help wanted

Additional eyes and keyboards are required for this one

  

Inherited

Issues that have been inhereted from the project pre-fork

  

Matrix/Administration

Features pertaining to homeserver administration

  

Matrix/Appservices

Features pertaining to the appservice API

  

Matrix/Auth

Features pertaining to authentication

  

Matrix/Client

Features pertaining to client-to-server interactions

  

Matrix/Core

Issues relating to core matrix functionality, such as state resolution and PDU formats

  

Matrix/Federation

Features pertaining to server-to-server interactions

  

Matrix/Hydra

Issues related to room version 12 and related changes (temporary label)

  

Matrix/MSC

Features pertaining to unstable matrix features

  

Matrix/Media

Features pertaining to media interactions

  

Meta

Related to housekeeping, maintenance, or other repo-meta.

  

Meta/CI

Issues related to CI changes

  

Meta/Packaging

Packaging

  

Priority

Blocking

This issue is blocking the next release

  

Priority

High

This issue is very important

  

Priority

Low

This issue is of a rather low priority

  

Security

This item is related to general security

  

Status

Confirmed

This issue has enough information and is confirmed

  

Status

Duplicate

This issue or pull request already exists

  

Status

Invalid

This issue doesn't seem right

  

Status

Needs Investigation

This issue needs further investigation

  

Support

Questions or support requests

  

To-Merge

  

Wont fix

This will not be worked on

  

old/ci/cd

Ci/CD

Archived

  

old/rust

Pull requests that update Rust code

Archived

No labels

Blocked

Bug

Cherry-picking

Database

Dependencies

Dependencies/Renovate

Difficulty

Easy

Difficulty

Hard

Difficulty

Medium

Documentation

Enhancement

Good first issue

Help wanted

Inherited

Matrix/Administration

Matrix/Appservices

Matrix/Auth

Matrix/Client

Matrix/Core

Matrix/Federation

Matrix/Hydra

Matrix/MSC

Matrix/Media

Meta

Meta/CI

Meta/Packaging

Priority

Blocking

Priority

High

Priority

Low

Security

Status

Confirmed

Status

Duplicate

Status

Invalid

Status

Needs Investigation

Support

To-Merge

Wont fix

old/ci/cd

old/rust

Milestone

Clear milestone

No items

No milestone

0.5.2

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

nex

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

continuwuation/continuwuity#1246

No description provided.