This is an umbrella task for collecting "abuse" cases and discussing responses to them. Abuse is broadly when users use the software to be jerks: posting commercial messages, making a mess, vandalizing things, or generally causing trouble.
Currently, abuse cases are largely hypothetical: we have seen little real abuse in the wild. Our stance today is roughly that we will take steps to anticipate and prevent serious damage (i.e., the software should not have features which would allow an abusive user to cause real harm which would be substantially difficult to repair) but it is not a priority to proactively build tools to detect, prevent, or repair all possible abuse scenarios we can come up with. When abuse does occur, we'll help repair it within reason and consider improving tools to make protection or repair easier if the cost of repairing the abuse was out of line with the cost of causing it.
In general, users can't actually destroy anything and nearly all changes are logged and revertible (although not always trivially), so it is generally difficult for abusive users to cause much real damage. This problem is also almost entirely exclusive to open source installs.
Abuse we have seen firsthand:
- "Security Research": A small number of enthusiastic security researchers occasionally register accounts to create some tasks titled "'></textarea><img onerror="evil() and such. This was more prevalent when our HackerOne program first launched, but has waned over time. We've responded by disabling these users and closing or deleting the objects they created. The cost of this disruption is currently very small, and existing tools are sufficient to manage it.
- SEO Spam: A small number of users have registered accounts purely to post commercial messages with links to third-party sites. Presumably, their goal is to gain Google search ranking. We could add nofollow to outbound links to further discourage this, although I suspect these users are already wasting their time (they're filling out a CAPTCHA and navigating a whole registration process to post one link which is usually taken down within a few minutes). We've responded by deleting the objects they created. The cost of this disruption is currently very small.
- Testing: A moderate number of users treat this install as a test install and create test tasks, etc.
Abuse we've heard of actually happening on other installs:
- A user reported via HackerOne that someone else used "Commandeer Revision" to take over some revisions they didn't like and then lock them down. Since this is very easy to repair with bin/policy unlock and unquestionably implicates the user, I don't currently think it's a problem that needs a specific response.
Hypothetical abuse:
- (T7593) Since we support storage of arbitrarily large files, an enterprising user might upload "l33t w4r3z" and use a Phabricator install to distribute them.
- (T4909) This task discusses concern over users deciding to leave a community and deleting all the comments they've ever made before they go. Comment history is always retained internally, so this does not cause permanent damage, but might not be easy to repair.