[sldev] OpenID & SSL certificates
Ryan McDougall
ryan at ngigroup.com
Mon Oct 1 18:09:04 PDT 2007
On Mon, 2007-10-01 at 08:36 -0500, Argent Stonecutter wrote:
> On 01-Oct-2007, at 04:19, Ryan McDougall wrote:
> > Of course this brings us back to the original use case, an adulterated
> > client viewer source (where once you access, the game is up no matter
> > what).
>
> The solution is to not worry about that case, because unless you're
> using an Orange Book class B trusted computer system with mandatory
> access control at every level (and you'd have to port SL to it first,
> because it's unlikely to run on one as is), it doesn't matter whether
> you're using the official viewer or a third party viewer... as soon
> as you use any software other than that distributed by the OS vendor
> or Linden Labs the game is up no matter what.

Most Linux distros ship SELinux enabled. I don't know if that's
technically "Orange Book", but it's a sight better than the old-fashioned
naive UNIX you describe. If MS refuses to ship a similar solution, it's
really beyond the scope of this discussion.

While you're definitely right, there is more than one way to attack a
crypto binary from a compromised SL viewer, the point is, as I said, the
problem isn't necessarily "solved" so much as it reduces to a problem of
OS or crypt-system security, which at the very least takes it off our
plate.

This, IMO, was LL's intention in trying to offload the work to Mozilla --
not because Moz is leet security, but because it's something for Mozilla
et al to worry about.

Cheers,