3. Given the above, has anyone started implementing the code for handling asset creation?
Yes. It is being done slowly, and it is being done was as much co-operation with Linden Lab as we can manage. The upload fee exploit was reported to Linden Lab some time ago and as John H. has pointed out we've got an acceptable solution roughed out (high level code provide for client development that enforces the fee sinks under the hood.) Linden Labs is periodically scanning for people that appear to use the Sink Fee exploit. Additionally, it was already possible WITHOUT the CRC to bring the asset server cluster to it's knees. The CRC key is not necessary to upload assets, and it was already possible to flood the asset server cluster with new assets that would not be attached to actual items. Again, Linden Labs has already been advised of this, quite some time ago, and it is our belief that they may look at adding a Grey Goo / throttle type interface to the asset upload system. I say "belief" as Linden Labs has not informed us of what, if any, action they have taken on this matter as of yet. It is our goal to develop libsecondlife in such a way, as to maintain good relations with Linden Labs and to prevent, whenever possible, exploits that damage the Second Life infrastructure. _______________________________________________ libsecondlife-dev mailing list libsecondlife-dev@gna.org https://mail.gna.org/listinfo/libsecondlife-dev
