Your participating grid and region owners will just have to change the setting. A change to the default is not an option. That would affect unwitting OpenSim users and possibly lead to problems for grids that they would be hard put to accurately troubleshoot.
- Melanie On 03/08/2015 20:12, Chris Weymann wrote: > Hello all, > > Thats right. With bad script it is posible to make a dos to a robust server. > But this is posible with LSL funktion too. I think the functionality shold > not be restricted becouse of possibly bad scripts. > The permission system is the wrong way to protect the region or robust > stability. For this needs the script engine a trigger limit for some > funktions. > My meaning is that this funktions and that everyone can use it are importand > for some typs of scripts. > I have make this patch because i want make a vendor system who works over HG. > For this is it importand what everyone can use this funktions. > > @Oren > Then it must be you can change it back to "Low". It is ok for me. > > Best regards > Chris > > -----Ursprüngliche Nachricht----- > Von: [email protected] > [mailto:[email protected]] Im Auftrag von Melanie > Gesendet: Montag, 3. August 2015 17:06 > An: [email protected] > Betreff: Re: [Opensim-dev] Changing the permissions of osAvatarName2Key > > Wrong. This function (and others classified thus) have a very real potential > for DOS attacks. Calling them with a random argument will cause a request to > the ROBUST services which could be inundated with 10s of thousands of > requests by abusers with build/script rights. > There is no limit or throttle on them. > > - Melanie > > > On 03/08/2015 15:50, Oren Hurvitz wrote: >> But what do you think the threat level *should* be? I think this is a >> safe function that should be callable by everyone, since names and >> avatar UUID's are public knowledge. >> >> On Mon, Aug 3, 2015 at 4:46 PM, Mister Blue >> <[email protected]> >> wrote: >> >>> Changing the ThreatLevel as opposed to changing the entry in >>> 'osslEnable.ini' would cause existing installation that are using >>> ThreatLevels as os function control to allow these functions. The >>> ThreatLevel change would change regions that enable os functions but >>> only the VeryLow functions. Are there many regions that do this? >>> >>> As an alternative, leave it ThreatLevel 'low' but change the entry in >>> osslEnable.ini to 'true'. This would enable the function for all >>> while keeping the previous threat note. Region owners who are using >>> the ThreatLevel for control will probably think this is set at the >>> level they need. Those who are not using ThreatLevel (and are >>> probably just using the osslEnable.ini settings) wouldn't mind >>> changing these functions to be enabled. >>> >>> Also, if changing ThreatLevel is a Good Thing, consider changing >>> osGetGridName and osGetGridNick to VeryLow as these functions are >>> needed by scripts while HGing. These are already 'true' in osslEnable.ini. >>> >>> == mb >>> >>> On Mon, Aug 3, 2015 at 5:44 AM, Oren Hurvitz <[email protected]> wrote: >>> >>>> Currently, osAvatarName2Key has ThreatLevel "Low" and is further >>>> restricted to the estate manager or owner. >>>> >>>> A pending patch will change the permission to VeryLow, and allow the >>>> function to be called by anyone. >>>> >>>> I think that's fine: this doesn't seem like a sensitive function. Is >>>> there any reason not to allow this? >>>> >>>> And while we're at it, osKey2Name is similarly restricted, and I >>>> think it should similarly be allowed to be called by anyone. >>>> >>>> -- >>>> Oren Hurvitz >>>> VP R&D >>>> Kitely Ltd. >>>> >>>> Email: [email protected] <[email protected]> >>>> >>>> _______________________________________________ >>>> Opensim-dev mailing list >>>> [email protected] >>>> http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev >>>> >>>> >>> >>> _______________________________________________ >>> Opensim-dev mailing list >>> [email protected] >>> http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev >>> >>> >> >> >> >> >> _______________________________________________ >> Opensim-dev mailing list >> [email protected] >> http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev > _______________________________________________ > Opensim-dev mailing list > [email protected] > http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev > _______________________________________________ > Opensim-dev mailing list > [email protected] > http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev > > _______________________________________________ Opensim-dev mailing list [email protected] http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev
