Mastodon has a few structural weaknesses when it comes to security vulnerabilities:
- if you can get RCE, you can suspend every federated instance. That forces remote unfollow of all users. Restoring your server from backup doesn’t fix that.
- there’s no auto update feature and/or one click upgrade for admins
- admins have bolted on patches galore - e.g. search patches, UI changes, etc. - which makes upgrading more complex
@GossiTheDog if you can get RCE you can just run the command to tell every remote server that your server is shutting down permanently, so...