Grider
From OpenSimulator
Line 37: | Line 37: | ||
=== Teleports === | === Teleports === | ||
− | Agent transfers are controlled by the client. The regions cannot teleport the user's agent-- they may close the connection to it, but they can't teleport it. This is to avoid malicious teleports and/or connections to unwanted sims (think browser pop ups!). In the future, the current region-side teleports may be supported too, in a more controlled manner, but since the goal of Grider is to explore secure alternatives for the Hypergrid, supporting what already exists doesn't seem that important. The most important thing here is to show how to do client-side teleports. | + | Agent transfers are controlled by the client. The regions cannot teleport the user's agent-- they may close the connection to it, but they can't teleport it. This is to avoid malicious teleports and/or connections to unwanted sims (think browser pop ups!). In the future, the current region-side teleports may be supported too, in a more controlled manner, but since the goal of Grider is to explore secure alternatives for the Hypergrid, supporting what already exists doesn't seem that important. The most important thing here is to show how to do client-side teleports, very much like what web user agents do. |
=== Inventory Access === | === Inventory Access === |
Revision as of 14:41, 30 March 2009
Grider is a client for the safe Hypergrid based on LibOMV's GridProxy, and distributed under a BSD license. Its main goal is to explore the protocols that are appropriate for a globally decentralized Virtual Worlds system without having to develop a 3D render from scratch. As such, it wraps the existing Linden Lab-based viewers, both the official viewer and derivatives such as the Hippo, modifying their communications behavior externally -- no source code modification is involved.
Contents |
Getting Grider Up & Running
Precompiled packages:
http://forge.opensimulator.org/gf/project/hypergrid/frs/
Sources:
http://forge.opensimulator.org/gf/project/hypergrid/scmsvn/?action=AccessInfo
Installing
Unzip the zip file onto some directory.
Running
Run Grider.exe. The first time it runs it asks you for the path to your favorite viewer. This information is then stored in a file called Grider.ini. If you need to change the path to the viewer in the future, simply edit or remove that file.
Connecting to your grid
If you choose to use the official LL viewer, there are no more set up steps. The picture below shows examples of login information. Enter your information accordingly. Notice that the grid identification goes in the Last Name tab. By default, it uses port 8002 for user servers; if that is not the case for your server, enter the port accordingly (see the example with localhost).
If you choose to use the Hippo, you need to choose as grid "proxy", as shown below:
Current Features
Grider is a fast-evolving client. The goal for the first release, 0.1, was to illustrate how to make a secure client in terms of: (1) Teleports and (2) Inventory Access.
Teleports
Agent transfers are controlled by the client. The regions cannot teleport the user's agent-- they may close the connection to it, but they can't teleport it. This is to avoid malicious teleports and/or connections to unwanted sims (think browser pop ups!). In the future, the current region-side teleports may be supported too, in a more controlled manner, but since the goal of Grider is to explore secure alternatives for the Hypergrid, supporting what already exists doesn't seem that important. The most important thing here is to show how to do client-side teleports, very much like what web user agents do.
Inventory Access
Inventory access is done directly from the client to the inventory server, wherever it is, and independent of what sim the user is. Inventory servers now have the option to deny access to users' inventory from the regions, which addresses the critical vulnerability described in https://lists.berlios.de/pipermail/opensim-dev/2009-February/005409.html.
Access to the user's inventory from the client is done in a secure manner using capabilities, both the few built-in ones like notecard updates, and many new ones related to manipulation of items and folders. Capabilities to the user's inventory are obtained during login, and after an authentication/authorization step that the user's Inventory server performs with respect to the client.