On 2010-03-17, at 16:55, Dzonatas Sol wrote: > Somewhere along the line Argent, you trusted to install the SL > binary and its "badly behaved code can compromise you."
The SL binary does not contain a mechanism to automatically download and execute untrusted code from in-world content. > Don't complain to me and others that want to improve user security. > It seems like you want to parade about *spooky* ideas as if we want > to make it worse. Adding the ability to download and execute untrusted code from in- world content is a significant decrease in security. > No we don't want to make it worse. Again, re-read the threads from a > half-year to a year ago about methods to secure and trust these > scripts, like how to "sign-off" on them, and how to take advantage > of security models. I have been dealing with such security models professionally since the '90s. They are inherently hazardous. They have been used as the basis of far too many compromises to consider trusting them. _______________________________________________ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
