[sldev] Sims and Script Security

[Lawson English]

Darien Caldwell wrote:
> Not long ago there was talk about how IBM has private sims behind a 
> firewall. ( 
> http://www.virtualworldsnews.com/2008/04/ibm-takes-secon.html ) I was 
> wanting to know, if they take a scripted item into this private space, 
> does that give them any possible way to view the source code of 
> scripts for said objects? or are only the compiled bytecodes sent to 
> the sim?  Did LL make place any restrictions on what IBM can do with 
> user content once it is taken into this area, or should creators start 
> issuing EULAs if they don't want their items brought into this 
> potentially unregulated space?

I suspect that they cannot, at this point, but even if they could, 
they're under really strict business partner agreements with LL not to 
use copybots on assets (or some other equivalent legal contract, I'm 
sure). IBM should be just as trustworthy in this regard as LL, I should 
hope.

This is entirely different than the upcoming case of Agent Domain vs 
Region Domain distribution of assets and scripts, and the discussion 
there has led to an assumption on everyone's part (including LL's) that 
scripts will remain under complete control of the grid that they were 
written in UNLESS they are full permissions OR the two grids have a 
"trust agreement" worked out.

IF there is a trust agreement, walking between or teleporting between 2 
such grids should eventually look as though you just moved to another 
sim on the original grid. If there is no trust agreement, objects with 
less than full permissions will not rez, and even if an object rezes, 
the scripts within it, unless they are also full perms, will not be 
available in either source or byte code format because the original 
asset server won't give the no-perms stuff to the new asset server with 
the possible exception of bling/attachments scripts, which might run in 
their own private script server on the agent domain, and only control 
signals (not byte code) of some kind sent to the non-trusted grid.


There are ALSO proposals for "this grid only" permissions, open source 
permissions, etc. If you want to get in on those conversations, you 
should attend Zero Linden's office hours and/or the AW Groupies 
meetings. Chat logs of previous meetings for both are linked at:

https://wiki.secondlife.com/wiki/AW_Groupies#Chat_Logs

Eben Moglen, former legal counsel for the FSF and  co-author of the 
GPLv3, has indicated an interest in participating in discussions on 
these issues, I understand. He or his students will be leading such 
discussions in SL later this year, I believe.


Lawson