There is also another angle to this, the single dev/script kiddy/call them what you want, that creates a 'bad' viewer, poses it as a legitimate viewer and distributes it to the masses. Then you are faced with the fact that you do not know whether a connected viewer is bad or not. So you have but a handful of options; complete lockdown using IP ban and invitation only, right the way to the other side, let everyone in no matter what. The middle ground is of course, automating the task of detecting a specific connection or viewer and creating an action based upon that specific detection of said connection/viewer.
Any loose security mechanism will probably be subject to attempted compromise by script kiddy's, as that is what they do. They love wooden fences they can plough through easily as opposed to the time and hassle it takes to knock down iron mountains. The only way to stop 'bad' viewers is to create an iron mountain, which OpenSim is far far off being and until it has its own proprietary viewer, will probably stay that way (though ANY open source client poses a constant security threat to OpenSim, as does any open source simulator to the client). To block a road with traffic cones is just asking for them to be kicked out of the way. OpenSim is not secure, period. It's a harsh reality, but it is true and would be foolish to think otherwise. The best course of action, IMHO, is to backup. Backup backup backup and verify you can use your backups to restore to a good state in as faster time as possible; though that only combats griefing. If people are concerned about having their objects/assets stolen by people using 'bad' viewers then there really isn't a lot you can do at the present time, except only invite people who you trust to your sims. On that note anyone trying to make money from selling objects/assets when connected to an open grid (i.e. not a walled garden) using OpenSim should be prepared for the worst, if they really are worth stealing, and that is something that plagues the Linden grid still to this day. The above, though harsh, is only my opinion but I feel my time being active in an open grid has taught me that. Open grids/standalones are among a very harsh cruel world and every silver lining has a cloud. Adelle _______________________________________________ Opensim-users mailing list [email protected] https://lists.berlios.de/mailman/listinfo/opensim-users
