[Opensim-dev] Security on Opensim

Rohan Peters petersro at trioptimum.com.au
Sun Jun 22 01:46:50 UTC 2008 

I like the idea of a user being reported 5 times then auto banned until
confirmed (incase of error, or hate groups)

 

 

Rohan Peters

CEO

TriOptimum

Melbourne, Vic, Australia

 

From: opensim-dev-bounces at lists.berlios.de
[mailto:opensim-dev-bounces at lists.berlios.de] On Behalf Of liu xiaolu
Sent: Sunday, June 22, 2008 11:24 AM
To: opensim-dev at lists.berlios.de
Subject: Re: [Opensim-dev] Security on Opensim

 

Correction for the last two sentence :)
>Of course GridServer should not *immediately* put the reported user name
into gridwide blacklist(region onwer maybe a bad person).
>there should be a mechanism for determine bad users in GridServer. (*for
example* a user is reported by more than 5 different RegionServer)

lulurun,
regards

2008/6/22 liu xiaolu <lulurun at gmail.com>:

"Banning user" is a necessary function, but it should not be *ONLY*
centralized in GridServer.
we should also build "banning" functions inside RegionServer since
RegionServer owners may have different dislikes.

This is quite similar to region registration:
RegionServer keeps Regions/*.xml, when it online/offline, RegionServer tell
GridServer to update/delete itself.

So, each RegionServer can also hold a file like "Users/blacklist.txt", it
contains the list of user name.
when "expect_user" called, RegionServer checks its own list.

The "banning list" should have different scopes - 0:per region; 1:per grid;
the balck list file maybe like:
  test user 0(per region)
  lulu run 1(per grid)
"per region" banning is done by checking a local list during "expect_user"
"per grid" banned user should be banned and report to GridServer.
Of course GridServer should not put the reported user name into gridwide
blacklist(region onwer maybe a bad person).
there should be a mechanism for determine bad users in GridServer. (a user
is reported by more than 5 different RegionServer)

lulurun,
regards

2008/6/22 Cityworld <cityworld at gmx.de>:

Since a few days the Griefers called Patriotic Nigras started to attack
Opensim Grids

Osgrid is now attacked a few Days with bad attacks and we have no function
to ban a user or either kick a user gridwide, so i thought about a method to
ban a user from any console where the consoles server is allowed to have
gridwide admin status

 

look on my demonstration pic, that would work fine to kick a user or ban a
user gridwide:

 

http://xionx.de/bannuser.jpg

an admin enters on a granted console the command, then the command runs
through the gridserver and in the main database it will be checked if that
consoles server is allowed to kick or ban users gridwide.

 

_______________________________________________
Opensim-dev mailing list
Opensim-dev at lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev




-- 
Lulurun 




-- 
Lulurun 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://opensimulator.org/pipermail/opensim-dev/attachments/20080622/07af9c71/attachment-0001.html>

More information about the Opensim-dev mailing list