[JIRA] Commented: (SVC-5054) No-Modify object is modifiable: anyone can disassemble and steal its contents
Nicole Lassally (JIRA)
no-reply at lindenlab.cascadeo.com
Fri Nov 20 14:52:04 PST 2009
[ http://jira.secondlife.com/browse/SVC-5054?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=147951#action_147951 ]
Nicole Lassally commented on SVC-5054:
May I offer your own solution to make your empty prim self-destructive, then you don't have nothing to worry about. Problem solved! Even if the bug is fixed.
"... the point in moving the contents to another object to grief" is to put it into your empty box, so your name will appear as the creator as you described before (but you sure don't want it happen to you). :)
"... I just do not see removing contents you own as abuse" ...hmm... it is called dismembering. Ok, I finally figured out why you have difficulty understanding what integrity of the object meant and why it is so important to maintain this integrity. You basically are using the empty prim as a useless "Folder" to deliver a bunch of items that you sell. That is Linden's fault because they did not provide you with a folder. Besides, you can simply click the For Sale "Contents" button in Edit mode to sell its contents, and it will deliver all the items inside into a folder automatically.
But that is not what a prim is for. It is not just a folder. A prim is not an empty box; it is a living entity such as a bird that contains scripts that makes it comes alive, it contains animations that make avatar moves, it contains sounds that talk to you, it contains textures that make it look real. To remove its components is dismembering it (either by unlinking it or by removing its contents), and take these components into another object is abuse (if modification permission is disallowed) when, using your example, a griefer put that chirping sound into the griefing object to annoy people, take that animations out into the griefing object to animate their victims, or take that texture into the exploding particles to grief others. If a griefer merely grief with the original griefing object, why are you worry about them putting it inside your empty box?
Griefing is really a benign problem, but the bigger problem is the abuse of these items for unauthorized uses that compromise security and identity, such as collecting payment from another object in disguise rather than from the original authorized object.
If you don't understand the complexity of this security risk, it is fine; I will not spell out anything more here because it is not the intent of the bug report. The intent is to alert Linden of this vulnerability and potential threat to the system and its users. Whether Linden will take heed to stop this exploit potential by fixing or ignoring the bug is entirely up to them.
I have done my job as a good citizen. May we put this to rest.
> No-Modify object is modifiable: anyone can disassemble and steal its contents
> Key: SVC-5054
> URL: http://jira.secondlife.com/browse/SVC-5054
> Project: 2. Second Life Service - SVC
> Issue Type: Bug
> Components: Permissions
> Affects Versions: 1.32 Server
> Reporter: Nicole Lassally
> Priority: Critical
> You can take contents out of a no-modify object!
> To reproduce permission bug:
> * Create an object
> * Set permission to copy-only (no-modify and no-transfer)
> * Put anything into its content with any permission, i.e., create a script with no-permission or drop an object with no-permission.
> * Give this object to someone
> * Once delivered, rez the object in-world and open its content
> * Copy all its contents (scripts including) into inventory
> * The contents deliver into inventory
> This means that anyone can disassemble all the scripts, texture or anything inside out of an NO-MODIFY object, and steal them from the object and use them on other object even when the object is no-modify supposedly!
> No-mod does not allow anyone to unlink or edit any of the prims in the object, but why does it allow people to dissemble its content and remove them out of the content and put it in the inventory and then use those parts to build their own object? That is not what NO-MODIFY means.
> This is a big SECURITY RISK because someone can potentially take the payment script out of a NO-MODIFY object and put it into your own object and steal money from someone else.
> To make it clearer, you cannot drop things (scripts, textures or whatever) into the content of the no-mod object, BUT you can take things (scripts, texture, etc.) out of it from the object.
This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: http://jira.secondlife.com/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the Jira-notify