Oh dear, I may see the problem. Mailmain/pipermail seems to be slicing posts on a leading 'From ' as if incoming posts were in Unix mailbox format (they're not!), a very elementary mistake. Any Lindens reading this, please give the mail/web sysadmins a heads-up.
Meanwhile, it's just a guess, but don't start paragraphs with 'From ' folks. Morgaine. ================================= On Wed, Mar 17, 2010 at 8:43 PM, Morgaine <morgaine.din...@googlemail.com>wrote: > [Mailmain/pipermail is slicing up posts again in the M/L archive. I'll try > a repost.] > > > > Argent is exactly right. > > From sitting in on these OHs, the intention that has come across (but with > some ambiguity) is definitely that binaries will be pushed to our clients > and executed, even if this involves some action in-world. Whatever the > mechanism of transfer, these binaries are inherently untrusted and > untrustworthy by inspection. If you choose to assign your trust to them, > that is your own personal lookout. > > Note that this situation is *NOT* like on the Web, where Javascript is > sent to browsers as *source code* which is available for inspection by > anyone who cares to do it. Because of the possibility of inspection, the > Web enjoys the "many eyeballs" effect that allows browsers to flag sites as > malicious. There will be no such protections here, because the distributed > binaries are opaque. > > The mere idea that opaque binaries are being sent to people and executed > locally on their PCs should be enough to send shivers down everyone's spine, > even if they're only minimally aware of security. From our technical and > open source perspective here, which is after all what opensource-dev is all > about, it's just completely unacceptable. > > Designing script execution to run on LL's servers is wholly within Linden > rights to do in secret. Designing script execution to run *on OUR private > machines* is NOT within Linden rights to do in secret at all. > > > Morgaine. > >> >> >> >> >> >> ================================== >> >> >> On Wed, Mar 17, 2010 at 6:45 PM, Argent Stonecutter < >> secret.arg...@gmail.com> wrote: >> >>> On 2010-03-17, at 12:31, Dzonatas Sol wrote: >>> > You install a program on your computer, and you either trust it or >>> > you don't. It comes down to that, so it doesn't matter if it is .NET >>> > or Java or some binary made by company XYZZY. >>> >>> The quotes from the office hours make it seem like they're talking >>> about having in-world content pushing stuff onto your client, not >>> explicitly installing code. >>> >>> _______________________________________________ >>> Policies and (un)subscribe information available here: >>> http://wiki.secondlife.com/wiki/OpenSource-Dev >>> Please read the policies before posting to keep unmoderated posting >>> privileges >>> >> >> >
_______________________________________________ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
