[sldev] OpenID & SSL certificates
Argent Stonecutter
secret.argent at gmail.com
Mon Oct 1 06:36:58 PDT 2007
On 01-Oct-2007, at 04:19, Ryan McDougall wrote:
> Of course this brings us back to the original use case, an adulterated
> client viewer source (where once you access, the game is up no matter
> what).
The solution is to not worry about that case, because unless you're
using an Orange Book class B trusted computer system with mandatory
access control at every level (and you'd have to port SL to it first,
because it's unlikely to run on one as is), it doesn't matter whether
you're using the official viewer or a third party viewer... as soon
as you use any software other than that distributed by the OS vendor
or Linden Labs the game is up no matter what.
If you have the rights to install the copy of SL that you're running,
then you have the rights to modify it. If you're being a Good UNIX
Admin and you install it as a separate user ID just for Second Life
that you don't normally have the rights to, then if you have the
rights to run it, then you still have the rights to inject code into
the copy of it you're running. There are canned scripts for doing this
kind of thing after using the canned scripts from a virus toolkit
that you used to compromise the user's computer in the first place.
You drop the whole package on one of the well known accidentally-open
FTP servers and link to it from a post by a cutout account on
forums.secondlife.com and you're home free... so even sticking the
exploit code inside J Random Sculpty Editor isn't necessary.
This may seem an unlikely situation, but it's more likely than
someone distributing a crocked client. This isn't the BBS era any
more. You don't get software by trusting that the copy of
RandomTerminal that J Random User uploaded to the local Pirates Cove
is legit. You go to J Random User's public website, and if it's
crocked, Linden Labs can subpoena his identity from the ISP and lay
down a legal pimpsmack.