[sldev] How Far For Security?

[Argent Stonecutter]

On 2008-06-21, at 01:12, Callum Lerwick wrote:
> I may be late to the party here, but mark my words, if the cache is  
> changed to anything other than plain, complete files in a standard  
> file format, it will be the final nail in the coffin for my already  
> tenuous faith in Linden Lab's collective engineering sense.

Even if a non-standard format that's a serialization of the internal  
structures is faster and more efficient?

There's no solid engineering reason to go with a standard file format  
for a *cache*.

> Also note, if we're going to do the uncompressed cache thing,  
> XORing the file will eliminate the possibility of zero-copy DMAing  
> of the texture directly from disk into VRAM. XOR is still more  
> overhead than having the texture not hit the processor at all.\

The Amiga did MFM decoding on the blitter, and that had a fraction of  
the versatility of any modern GPU, there's no reason that the GPU  
can't do any operations needed to remove obfuscation.

I happen to agree that there's probably no need for obfuscation  
beyond just not using a standard format, I proposed XOR as the  
cheapest possible concession to obfuscation, and I'm not going to  
argue hard at all to keep it... but there's no need to make up  
arguments like that against it, because there's all KINDS of problems  
that have to be solved to get anywhere near that kind of solution. Is  
there even a usermode API for that in any modern OS, or would you  
have to ship device drivers with SL and make SL bypass local user  
permissions in the OS?