It also points out why HyperGrid, for all the "Hype" it receives is fundamentally busted.
It fails to deal with trust relationships between services and partitioning of responsibility in any kind of sensible way. Its really assuming a "friendly" environment for a protocol that is meant to work over the internet between disparate providers. At best a non-sequitur. IMO it never should have gone into core and I said so at the time. Mike On 10/5/15 10:59 AM, Henri Beauchamp wrote: > On Mon, 5 Oct 2015 16:52:05 +0200, Latif Khalifa wrote: > >> It's not nonsense, it's a security measure. In SL sims are trusted so >> they proxy all the communication from the viewer to the central >> services such as inventory and assets. On OSGrid anyone can attach >> their own sim. This sim could tell the inventory service "User XYZ >> just emptied the trash", which in practice means everyone with a >> modified sim code could empty your Trash and Lost & Found. >> >> This is why those operations were disabled on OSGrid, and work just >> fine on more controlled grids. > So, instead of securing the communications (simply check that the user > is actually logged into the requesting sim, or use AISv3 instead of > UDP messages), you prefer breaking a protocol (not even documenting > the change anywhere, and not warning the TPV developpers you did it)... > > Non-sense (again) ! > > Henri. > _______________________________________________ > Policies and (un)subscribe information available here: > http://wiki.secondlife.com/wiki/OpenSource-Dev > Please read the policies before posting to keep unmoderated posting privileges _______________________________________________ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
