[Opensim-users] WG: Opensim-users Digest, Vol 16, Issue 23

Frisby, Adam adam at deepthink.com.au
Sun Dec 7 15:25:13 UTC 2008 

The problem here is, if an Admin wants to violate those rights, there is absolutely nothing you can do to stop them. Right now, if I wanted to, I could write a permissions module that set everything in the sim full perms on rez. If this region was on a public grid, people could just rez their items there and get them full perm'd.

I know the suggestion about DRM has been made - but it doesn't work. The math behind it doesn't add up - your basically handing over a locked box, and the key, and then saying 'don't open it.' - if someone wants to abuse your trust, then it's quite possible to do so.

Better approaches need to be made - because there is a high degree of trust required for permissions to work effectively, and in a public environment, you cannot trust anyone.

Remote hosting is one such option - it allows you to keep your source code on your own servers and never transmit it. It won't work for some things (like vehicles) which require low-latency updates, but for other things it will be acceptable.

With regards to implementing a scheme which is known to be broken - the problem comes that people trust that scheme to be reliable. Consider the case of the internet - if SSL was known to be broken at the time it was deployed, there would be some serious ramifications and broken consumer trust right now. Internet commerce would probably cease to exist, or would resemble South Korea where encryption is handled via dodgy browser plugins that don't really work well.

I personally would not feel comfortable advertising a solution which is known to be broken, and advertising it as a reasonable fix. If we remove Second Life(tm) from the equation - and deal with OpenSim as a independent project aiming at being a fairly generic 3D internet server platform and not a SL clone, then the solution we propose should be one that stands up to the rigours of other internet standards. (I've spoken elsewhere at length about this, and proposed some alternatives.)

That is not to say we shouldn't support every model - the current 'permissions manager' in OpenSim is pretty flexible, some groups (like Legend City for instance) have it configured to be identical in behaviour to SL. Other groups have differing agenda's and different permission schemes.

Ultimately though, consumers and business will decide this one - the flexibility to pick and choose with OpenSim means that people will pick and choose, and then build whatever they deem to be the right solution - over time market forces dictate what model becomes the standard.


Adam

> -----Original Message-----
> From: opensim-users-bounces at lists.berlios.de [mailto:opensim-users-
> bounces at lists.berlios.de] On Behalf Of Ralf Haifisch
> Sent: Sunday, 7 December 2008 7:07 AM
> To: opensim-users at lists.berlios.de
> Subject: [Opensim-users] WG: Opensim-users Digest, Vol 16, Issue 23
>
> Hi Adam,
>
> since i´m into security RL (iso 27001, BSI, PCI, ...) I understand what
> you
> mean.  Anyway, technichly there would be a way - implementing a digital
> right management , so rhater the objects know about its rights then to
> build
> a safe case (by server based rights, wich every admin can break) around
> it.
>
> But that is not what I want to go into, since I think we are in a to
> earlie
> stage and modern DRM concepts have proven to be implementable at later
> stages.
>
>
> To me, there is a big difference between the security "not in place" or
> "in
> place, but broken".  This is more a social thing, like murder is
> possible
> but not allowed.
>
> And that way most people think twice about using copybot for realy
> illegal
> stuff, maybe the use it in a way the personaly judge it´s "ok" - like
> export
> objects they bought (paid for) into another grid.
>
>
> That as a basis - I would think (at least in grid mode) a admin should
> not
> be given full permission on a regular basis if the creator did decide
> not to
> do so.   I see great advantages in case of griefing and so (did run
> estates
> in SL before) - so maybe i´m even wrong.
>
>
> But we need to document the behavior in the WIKI, so it´s well know.
> And
> maybe put a concept like:
> - full access for Admins
> - only possible after you made a switch/request and a log is written to
> the
> grid´s servers
> - operate your daily live not as this admin-avatar
>
> Or something like this....
>
>
> So, this is no "the dev´s did bad things" nor is it "we need a FBI
> inside" -
> but to implement technique or visible concepts as a basis to get more
> people
> trust in the system and choose opensim instead of the major player  ;-)
>
>
> Adam: thanks for pointing on that and giving me the possibility to be
> more
> precise.
>
>
> Cheers
> Ralf
>
>
> ---
>
> To address just a tiny portion of this -
> if a script is on a server, then the server admin can get it, it's
> worth
> operating any business assumptions you have with that principle in
> mind.
>
> There's nothing you can do even theoretically to disallow this from
> happening (CIL can be reversed back into C# fairly easily - Reflector
> for
> instance can do it accurately). The only ways to prevent that from
> happening
> is to prevent the script from being copied onto that server - one such
> way
> of doing this might be to run the script remotely. (ala a 'hosted'
> model)
>
> Regards,
>
> Adam
>
> From: opensim-users-bounces at lists.berlios.de
> [mailto:opensim-users-bounces at lists.berlios.de] On Behalf Of Ralf
> Haifisch
> Sent: Sunday, 7 December 2008 3:52 AM
> To: opensim-users at lists.berlios.de
> Subject: [Opensim-users] Permissions
>
> Dearl all,
>
>
> Earlier Stefan did start with a Permission page on the wiki:
>
>
>
> http://opensimulator.org/wiki/OpenSim:Permissions%28Server%29
>
>
>
> and today I run in a situation where I just wanted to know "why" that
> happened.  I know, that the permissions will not copy SL 1:1, but it
> was
> somehow strange to me and I couldn?t figure it out by using Stefans
> page.
>
>
>
> I went out to a place where someone was working on a youtoube player.
> He did
> post his code earlier, but did decide for the time work goes on to put
> the
> playlist and script no mod/no trans - but the whole player way a
> "anyone
> copy" object.  I did take a copy.
>
>
>
> I did reez it on one of my regions.
>
>
>
> And now I have full rights.
>
>
>
> I guess by Stefans wikipage, that is because i?m an Administrator at my
> regions ?
>
>
>
> So, how are the rights to other people ?
>
>
>
>
>
> And want that be a big showstopper for commercial plans ?   only
> strictly
> commercial regions, where is one company holding the Admin account (you
> have
> to trust them, but nothing new) will avoid this problem.
>
>
>
>
>
> Cheers
>
> Ralf
>
>
>
> Ralf Haifisch in SL and osgrid - visit me:    SL - Great white shark
> osgrid - Sharkland regions
>
> ******************************
>
> _______________________________________________
> Opensim-users mailing list
> Opensim-users at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-users

More information about the Opensim-users mailing list