<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page Section1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-AU link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>I and my four friends don’t like you. *<b>ban</b>*<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>No, automated solutions like that rarely ever work properly.
Some human element is required. Putting default-deny on permissions though
tends to limit the damage that can be done.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Regards,<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Adam<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'>
<p class=MsoNormal><b><span lang=EN-US style='font-size:10.0pt;font-family:
"Tahoma","sans-serif"'>From:</span></b><span lang=EN-US style='font-size:10.0pt;
font-family:"Tahoma","sans-serif"'> opensim-dev-bounces@lists.berlios.de
[mailto:opensim-dev-bounces@lists.berlios.de] <b>On Behalf Of </b>Rohan Peters<br>
<b>Sent:</b> Saturday, 21 June 2008 6:47 PM<br>
<b>To:</b> opensim-dev@lists.berlios.de<br>
<b>Subject:</b> Re: [Opensim-dev] Security on Opensim<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>I like the idea of a user being reported 5 times then auto
banned until confirmed (incase of error, or hate groups)<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Rohan Peters<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>CEO<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>TriOptimum<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Melbourne, Vic, Australia<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'>
<p class=MsoNormal><b><span lang=EN-US style='font-size:10.0pt;font-family:
"Tahoma","sans-serif"'>From:</span></b><span lang=EN-US style='font-size:10.0pt;
font-family:"Tahoma","sans-serif"'> opensim-dev-bounces@lists.berlios.de
[mailto:opensim-dev-bounces@lists.berlios.de] <b>On Behalf Of </b>liu xiaolu<br>
<b>Sent:</b> Sunday, June 22, 2008 11:24 AM<br>
<b>To:</b> opensim-dev@lists.berlios.de<br>
<b>Subject:</b> Re: [Opensim-dev] Security on Opensim<o:p></o:p></span></p>
</div>
<p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p>
<p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN-US>Correction for
the last two sentence :)<br>
>Of course GridServer should not *immediately* put the reported user name
into gridwide blacklist(region onwer maybe a bad person).<br>
>there should be a mechanism for determine bad users in GridServer. (*for
example* a user is reported by more than 5 different RegionServer)<br>
<br>
lulurun,<br>
regards<o:p></o:p></span></p>
<div>
<p class=MsoNormal><span lang=EN-US>2008/6/22 liu xiaolu <<a
href="mailto:lulurun@gmail.com">lulurun@gmail.com</a>>:<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US>"Banning user" is a necessary
function, but it should not be *ONLY* centralized in GridServer.<br>
we should also build "banning" functions inside RegionServer since
RegionServer owners may have different dislikes.<br>
<br>
This is quite similar to region registration:<br>
RegionServer keeps Regions/*.xml, when it online/offline, RegionServer tell
GridServer to update/delete itself.<br>
<br>
So, each RegionServer can also hold a file like
"Users/blacklist.txt", it contains the list of user name.<br>
when "expect_user" called, RegionServer checks its own list.<br>
<br>
The "banning list" should have different scopes - 0:per region; 1:per
grid;<br>
the balck list file maybe like:<br>
test user 0(per region)<br>
lulu run 1(per grid)<br>
"per region" banning is done by checking a local list during
"expect_user"<br>
"per grid" banned user should be banned and report to GridServer.<br>
Of course GridServer should not put the reported user name into gridwide
blacklist(region onwer maybe a bad person).<br>
there should be a mechanism for determine bad users in GridServer. (a user is
reported by more than 5 different RegionServer)<br>
<br>
lulurun,<br>
regards<br>
<br>
2008/6/22 Cityworld <<a href="mailto:cityworld@gmx.de" target="_blank">cityworld@gmx.de</a>>:<o:p></o:p></span></p>
<div>
<blockquote style='border:none;border-left:solid #CCCCCC 1.0pt;padding:0cm 0cm 0cm 6.0pt;
margin-left:4.8pt;margin-top:5.0pt;margin-right:0cm;margin-bottom:5.0pt'>
<div>
<div>
<div>
<div>
<p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Arial","sans-serif"'>Since
a few days the Griefers called Patriotic Nigras started to attack Opensim Grids</span><span
lang=EN-US><o:p></o:p></span></p>
</div>
<div>
<p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Arial","sans-serif"'>Osgrid
is now attacked a few Days with bad attacks and we have no function to ban a
user or either kick a user gridwide, so i thought about a method to ban a user
from any console where the consoles server is allowed to have gridwide admin
status</span><span lang=EN-US><o:p></o:p></span></p>
</div>
<div>
<p class=MsoNormal><span lang=EN-US> <o:p></o:p></span></p>
</div>
<div>
<p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Arial","sans-serif"'>look
on my demonstration pic, that would work fine to kick a user or ban a user
gridwide:</span><span lang=EN-US><o:p></o:p></span></p>
</div>
<div>
<p class=MsoNormal><span lang=EN-US> <o:p></o:p></span></p>
</div>
<div>
<p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN-US
style='font-size:10.0pt;font-family:"Arial","sans-serif"'><a
href="http://xionx.de/bannuser.jpg" target="_blank">http://xionx.de/bannuser.jpg</a></span><span
lang=EN-US><o:p></o:p></span></p>
</div>
<div>
<p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Arial","sans-serif"'>an
admin enters on a granted console the command, then the command runs through
the gridserver and in the main database it will be checked if that consoles
server is allowed to kick or ban users gridwide.</span><span lang=EN-US><o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p>
</div>
</div>
<p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN-US>_______________________________________________<br>
Opensim-dev mailing list<br>
<a href="mailto:Opensim-dev@lists.berlios.de" target="_blank">Opensim-dev@lists.berlios.de</a><br>
<a href="https://lists.berlios.de/mailman/listinfo/opensim-dev" target="_blank">https://lists.berlios.de/mailman/listinfo/opensim-dev</a><o:p></o:p></span></p>
</blockquote>
</div>
<p class=MsoNormal><span lang=EN-US style='color:#888888'><br>
<br clear=all>
<br>
-- <br>
Lulurun </span><span lang=EN-US><o:p></o:p></span></p>
</div>
<p class=MsoNormal><span lang=EN-US><br>
<br clear=all>
<br>
-- <br>
Lulurun <o:p></o:p></span></p>
</div>
</body>
</html>