[Opensim-dev] Security: multiple or the most generic?
Diva Canto
diva at metaverseink.com
Mon Apr 13 17:37:15 UTC 2009

I've been debating with myself and with some people in IRC about whether
OpenSim should support many security schemes or shoot for the most
generic one. Advice appreciated. Here's the situation.

There are already 3 different authentication schemes in the pipeline for
Teleports, one of them being the current one, and two being on my local
non-committed changes. These 3 schemes are: (a) no authentication; (b)
session authentication; and (c) key authentication (keys being unique,
one-time strings for each client-server pair).

(a) is what is currently in place -- hence my nagging about the lack of
security in non-VPN'ed grids. But for VPN'ed grids this is perfectly fine.

(b) is a weak form of authentication that prevents spoofing from the
outside of a grid, but that doesn't prevent spoofing from inside. That
is, regions can find out the sessionID of users when they're logged in,
and impersonate them. In open grids this is highly unsafe; but in
walled-garden grids, this is perfectly fine.

(c) is the strongest form, as it allows clients to have a lot more
control -- not the raw Linden client, which doesn't quite do that, but
others. (c) can also be implemented in the current setup, with the raw
Linden client, and with server-side teleports. It's kind of meaningless
in this case, but it's no worse than (b) for open grids.

So, back to the original question. Should OpenSim support all of these
and more, or should we shoot for (c) only?
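
A small model of the three schemes compared in the message above, added here as an illustration; it is not OpenSim code and not the author's. The `Region` class, the `issue_key` helper and the way a key reaches the destination region are assumptions made for the example, and all values are constructed.

```python
import hmac
import secrets


class Region:
    """Destination region checking an incoming teleport under one scheme."""
    def __init__(self, scheme):
        self.scheme = scheme   # "a", "b" or "c"
        self.sessions = {}     # user -> session ID, the same value at every region
        self.keys = {}         # user -> one-time key valid at this region only

    def accept_teleport(self, user, credential=None):
        if self.scheme == "a":                 # (a) no authentication
            return True
        table = self.sessions if self.scheme == "b" else self.keys
        expected = table.get(user)
        if expected is None or credential is None:
            return False
        ok = hmac.compare_digest(expected, credential)
        if ok and self.scheme == "c":
            del self.keys[user]                # (c) key is consumed on first use
        return ok


def issue_key(user, region):
    """Assumed provisioning step: a fresh key per client-server pair."""
    key = secrets.token_hex(16)
    region.keys[user] = key
    return key


def run_demo():
    user, results = "alice", {}
    session_id = secrets.token_hex(16)         # seen by every region alice visits
    results["a_unauthenticated"] = Region("a").accept_teleport(user)
    dest = Region("b")
    dest.sessions[user] = session_id
    results["b_outsider_guess"] = dest.accept_teleport(user, secrets.token_hex(16))
    results["b_visited_region_replay"] = dest.accept_teleport(user, session_id)
    dest, other = Region("c"), Region("c")
    key_dest, key_other = issue_key(user, dest), issue_key(user, other)
    results["c_other_regions_key"] = dest.accept_teleport(user, key_other)
    results["c_client"] = dest.accept_teleport(user, key_dest)
    results["c_replayed_key"] = dest.accept_teleport(user, key_dest)
    return results


if __name__ == "__main__":
    print(run_demo())
```

Only the (b) case lets a credential learned by one region be accepted at another; under (c) a key issued for a different region, or one already used, is rejected.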