[Opensim-users] Back to recent secondlife changes [Was: Re: Call to discussion: code environment [Was: recent secondlife client versions don't support OSSL functions]]

Diva Canto diva at metaverseink.com
Fri Sep 26 17:21:52 UTC 2008


Dr Scofield wrote:
> to send "good" code to the server is just naive. the server (if it wants to
> survive) has to be its own guardian. after all, we don't stop fixing apache bugs
> and assume, "oh, the client will prevent exploits from coming our way"...
>   
> i think this is just bad design: checking at the client and trusting the client
The trust API must exist on both ends, client and server; not just on 
one of them. On the server side there need to be policies wrt what code 
to be run, too. As you say, clear protocol specs; which combination of 
IPs/agents/users/actions do the region servers trust code coming from?

My comment about asking the user pertains to LL's recent 
*client-side* API checks, which seem a bit odd. I'd much rather receive 
information about what the region server is able to do to me (as a 
client), along with reputation information (certificates and other), and 
decide whether I want to allow it or not. Basically, if you never heard 
about the Xworld, and you can't find any information about it, you 
probably shouldn't even go there. Rather than "well, that region seems 
to comply with LSL, go ahead, you're safe."

Crista
