[sldev] Re: [ARCH] Permissions
John Hurliman
jhurliman at wsu.edu
Tue Sep 25 11:09:14 PDT 2007
Argent Stonecutter wrote:
>
> From: "Andre Roche" <roamingryozu at gmail.com>
>> With that question in mind, is there good reason why at least a
>> cursory permissions system with cursory enforcement by the official LL
>> client shouldn't be standard, aside from the DRM just doesn't work
>> argument?
>
> I can't think of any, so long as it's possible for the region to
> notify the client what permissions apply in that region where they
> don't match the SL standard... so you don't get to CompletelyOpenGrid
> and discover that the client is keeping you from reading the source to
> a script just because it's in an object you don't own.
>
> That is, I think the policy needs to be that the region is the arbiter
> of permissions, and the creator of an asset is the arbiter of what
> kind of regions they're willing to let their content be delivered to,
> and the architecture should make sure that this is possible.
>
I agree with you, I think there was a general consensus at the
architecture working group meeting that there needs to be a concept of
domain trust that applies to transferable assets. I don't want to get
that issue confused with the bitmasks being sent to clients that is
supposed to pass as a permission system though. Something like that can
easily be implemented through an extension. Just like on the web you can
add Javascript to disable right-clicking of images which is a fine honor
system, but there is nothing in the HTTP protocol to attach permission
bits to html and images.
Domain trust != bitmasks being sent to the client
John Hurliman
More information about the SLDev
mailing list