On Thu, Feb 18, 2010 at 5:27 PM, Morgaine <morgaine.din...@googlemail.com> wrote: > On Thu, Feb 18, 2010 at 7:07 PM, Dahlia Trimble <dahliatrim...@gmail.com> > wrote: >> >> To me, an environment such as SL or the web in general tend to attract a >> few malicious developers, or more so, companies and individuals who are >> interested in collecting personal data and usage patterns. I'd prefer some >> level of control over what they can access without needing to understand the >> source code of any scripted extensions (if indeed source was available). > > Dahlia, I agree with part of that, to the extent where it applies: > > The "malicious users" argument presupposes that scripts come from 3rd > parties, some of whom are malicious. When people write their own scripts, > which is very common in this opensource-dev community, they are not > malicious 3rd parties, and they do not generally want to be treated as such. > > Quite the opposite, they want all the power that scripting on their local > platform can give them. Therefore the "malicious users" argument applies > only to a subset of scripts, the downloaded ones, and it is perfectly valid > there. However, it does not apply to one's own scripts, nor to any other > power-users' scripts that one wishes to trust. > > This leads directly to a rather fundamental requirement: the sandbox must > be optional, applying only to the use case of unknown downloaded scripts, > and not applying when the user wishes her scripts to be used as an interface > to local facilities. > > It is considerations such as this that Lindens should be exploring together > with the community here, because it impacts on the future of Snowglobe > directly and in a colossal way. We are all affected. Designing this behind > closed doors is not adequate, nor is it appropriate in an open source > community viewer. > > > Morgaine. > > > > and this is where languages like perl/python have a strength since the files are plain text so if you think that a script is doing something funky you can just look at the script and see. Mono/dotnet code is compiled and very easily could hide just about anything.
-- Robert L Martin _______________________________________________ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
