[JIRA] Issue Comment Edited: (SVC-5054) No-Modify object is modifiable: anyone can disassemble and steal its contents

Nicole Lassally (JIRA) no-reply at lindenlab.cascadeo.com
Fri Nov 20 20:31:04 PST 2009


    [ http://jira.secondlife.com/browse/SVC-5054?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=147980#action_147980 ] 

Nicole Lassally edited comment on SVC-5054 at 11/20/09 8:29 PM:
----------------------------------------------------------------

BTW, if all you are using the prim for is just a folder for the items you are selling, there are simple scripts that automatically copy the items from the content into the inventory with just a click (or on rez), regardless of what the permission of the enclosing prim is.

In fact, that is something you should have done to help those customers who were surprised to find a box when they thought what they bought were clothing, without knowing how to open the box to copy the content into inventory.

(This is also precisely why you want to restrict the end-user from accessing your inside contents directly or take all of its content out because what you sell to them are the enclosing clothing items, not the smart script that you use to copy the items for them to their inventory, or any other scripts/texture that provide the functionality, such as your company logo files.) 

If all you are selling are clothing, and use the prim as a folder to hold your items but nothing more, then I can see why you don't understand how prims work in SL, and why you don't understand removing the parts inside the content is no different from unlinking the prims, or removing the textures that are burned into the prim itself, and why you don't see the connection between modification and removing contents from an object are the same thing.

Now, I figured out why you don't understand the simple dance ball example.  It has to do with basic knowledge of how prims work in SL under the hood.  If you understand what makes SL work from the technological point, then you will fully understand what this is all about.

Let me use texture as an example to illustrate this concept of how SL works, because stealing texture is one of the most complained subjects by most content creators.  Why is it such an issue?  Because it has to do with unscrupulous people removing textures from objects when they don't have permission to.

Let's use your company logo as an example.  Let's say you want to protect your company logo texture.  Because you burn your logo texture into the shopping bag that you used as a box set to sell to your customer, you only want your customer to retrieve the clothing inside that shopping bag (box), but not your company logo itself, so you put no-mod onto the shopping bag (box).  I totally understand your rationale to do that because they are entitled to the clothing but not your logo, so you don't want someone to take that texture out and start their own shop with your logo claiming their products are from your store.  That is why you insisted to allow them to remove content from your no-mod box to ensure they don't steal your logo because you want no-mod to protect them from stealing your logo texture.

But that is not how texture always works in SL.  Let's say you want to be fancy, and make your shopping bag switch its appearance between Christmas shopping theme logo and a regular logo.  How do you do that?  You put 2 texture jpeg files into the content of your shopping bag (box) - one for your regular logo and another for the Christmas logo.  Then you write a script to code the instructions to display your regular logo for 5 sec, and switch the texture to Christmas for another 5 sec.  This means instead of using Edit mode to burn your texture into the box's surface, you use the script to put switch the texture every 5 sec.  To do so, you have to put the script, your 2 logo texture files, as well as your clothing items that you sell into the content of that box.

Now, here is the catch.  When you do sell that to your customer, they will remove your script and your 2 logo texture jpeg files from the contents too, not just your clothing that they bought.  Now, your customer is a happy camper, and start a shop selling clothes under your brand, using your logo.  Do you like that?

Do you now not understand why allowing them to remove every items from inside the content of a no-mod prim is a bad idea because no-mod did not prevent them from taking everything out of it?  In this case, you would want them to take the clothings out, but not your logos or your smart script of switching logo every 5 sec.

Would you consider this as stealing your logos even though they paid for everything, and have every legit rights to remove every single items inside the content of your box, and do whatever they want with it because they own them after all?

Now, do you see the connection between removing the texture file inside the content and removing the texture that was burned into the box?  The difference is merely removing from the content and removing from the surface of the prim.  As of now, no-mod only prevents removal of texture from the surface of the prim, but did not prevent removal of texture from the content (when it should have been).  So if no-mod is working correctly, then it would prevent both cases, and block anyone from stealing your logo independent of whether the texture is burned into the surface or left inside its content.  Your self-destructive script cannot protect you from someone ripping your company logos texture files off from it.

This example also illustrates that items left inside a prim's content are not free-for-all to take.  When you bought that prim, you are not necessarily entitled to everything that is inside (such as your company logo) or what is on the outside (surface texture).  Allowing them to remove the texture inside the content is equivalent to allowing them to remove the surface texture too.

The reason why no-mod prevents people from ripping the surface texture of the box is preventing removal of its component (in this case, it is the texture on the surface), and in general, the items inside the content is also an integral component of that prim as much as the burned-in texture on its surface, because to make your logo switch every 5 sec on the surface requires the script and the 2 logo jpeg files reside inside the content to work together.  Removing the 2 log jpeg file becomes identical to removing the surface texture even if it is no-mod.

To illustrate this further, let's say you sell the clothing with no-mod.  No-mod clothing merely protects someone from ripping the texture off of it.  That is equivalent to blocking them from extracting/removing the texture from its content.  So do you not see no-mod is identical to no-removal? 

Hope this help you understand why granting removal permission is, in fact, granting modification permission.

      was (Author: Nicole Lassally):
    BTW, if all you are using the prim for is just a folder for the items you are selling, there are simple scripts that automatically copy the items from the content into the inventory with just a click (or on rez), regardless of what the permission of the enclosing prim is.

In fact, that is something you should have done to help those customers who were surprised to find a box when they thought what they bought were clothing, without knowing how to open the box to copy the content into inventory.

(This is also precisely why you want to restrict the end-user from accessing your inside contents directly or take all of its content out because what you sell to them are the enclosing clothing items, not the smart script that you use to copy the items for them to their inventory, or any other scripts/texture that provide the functionality, such as your company logo files.) 

If all you are selling are clothing, and use the prim as a folder to hold your items but nothing more, then I can see why you don't understand how prims work in SL, and why you don't understand removing the parts inside the content is no different from unlinking the prims, or removing the textures that are burned into the prim itself, and why you don't see the connection between modification and removing contents from an object are the same thing.

Now, I figured out why you don't understand the simple dance ball example.  It has to do with basic knowledge of how prims work in SL under the hood.  If you understand what makes SL work from the technological point, then you will fully understand what this is all about.

Let me use texture as an example to illustrate this concept of how SL works, because stealing texture is one of the most complained subjects by most content creators.  Why is it such an issue?  Because it has to do with unscrupulous people removing textures from objects when they don't have permission to.

Let's use your company logo as an example.  Let's say you want to protect your company logo texture.  Because you burn your logo texture into the shopping bag that you used as a box set to sell to your customer, you only want your customer to retrieve the clothing inside that shopping bag (box), but not your company logo itself, so you put no-mod onto the shopping bag (box).  I totally understand your rationale to do that because they are entitled to the clothing but not your logo, so you don't want someone to take that texture out and start their own shop with your logo claiming their products are from your store.  That is why you insisted to allow them to remove content from your no-mod box to ensure they don't steal your logo because you want no-mod to protect them from stealing your logo texture.

But that is not how texture always works in SL.  Let's say you want to be fancy, and make your shopping bag switch its appearance between Christmas shopping theme logo and a regular logo.  How do you do that?  You put 2 texture jpeg files into the content of your shopping bag (box) - one for your regular logo and another for the Christmas logo.  Then you write a script to code the instructions to display your regular logo for 5 sec, and switch the texture to Christmas for another 5 sec.  This means instead of using Edit mode to burn your texture into the box's surface, you use the script to put switch the texture every 5 sec.  To do so, you have to put the script, your 2 logo texture files, as well as your clothing items that you sell into the content of that box.

Now, here is the catch.  When you do sell that to your customer, they will remove your script and your 2 logo texture jpeg files from the contents too, not just your clothing that they bought.  Now, your customer is a happy camper, and start a shop selling clothes under your brand, using your logo.  Do you like that?

Do you now not understand why allowing them to remove every items from inside the content of a no-mod prim is a bad idea because no-mod did not prevent them from taking everything out of it?  In this case, you would want them to take the clothings out, but not your logos or your smart script of switching logo every 5 sec.

Would you consider this as stealing your logos even though they paid for everything, and have every legit rights to remove every single items inside the content of your box, and do whatever they want with it because they own them after all?

Now, do you see the connection between removing the texture file inside the content and removing the texture that was burned into the box?  The difference is merely removing from the content and removing from the surface of the prim.  As of now, no-mod only prevents removal of texture from the surface of the prim, but did not prevent removal of texture from the content (when it should have been).  So if no-mod is working correctly, then it would prevent both cases, and block anyone from stealing your logo independent of whether the texture is burned into the surface or left inside its content.  Your self-destructive script cannot protect you from someone ripping your company logos texture files off from it.

This example also illustrates that items left inside a prim's content are not free-for-all to take.  When you bought that prim, you are not necessarily entitled to everything that is inside (such as your company logo) or what is on the outside (surface texture).  Allowing them to remove the texture inside the content is equivalent to allowing them to remove the surface texture too.

The reason why no-mod prevents people from ripping the surface texture of the box is preventing removal of its component (in this case, it is the texture on the surface), and in general, the items inside the content is also an integral component of that prim as much as the burned-in texture on its surface, because to make your logo switch every 5 sec on the surface requires the script and the 2 logo jpeg files reside inside the content to work together.  Removing the 2 log jpeg file becomes identical to removing the surface texture even if it is no-mod.

To illustrate this further, let's say you sell the clothing with no-mod.  No-mod clothing merely protects someone from ripping the texture off of it.  That is equivalent to blocking them from extracting/removing the texture from its content.  So do you not see no-mod is identical to no-removal? 

Hope this help you understand why there is granting removal permission is granting modification permission.
  
> No-Modify object is modifiable: anyone can disassemble and steal its contents
> -----------------------------------------------------------------------------
>
>                 Key: SVC-5054
>                 URL: http://jira.secondlife.com/browse/SVC-5054
>             Project: 2. Second Life Service - SVC
>          Issue Type: Bug
>          Components: Permissions
>    Affects Versions: 1.32 Server
>            Reporter: Nicole Lassally
>            Priority: Critical
>
> You can take contents out of a no-modify object!
> To reproduce permission bug:
> * Create an object
> * Set permission to copy-only (no-modify and no-transfer)
> * Put anything into its content with any permission, i.e., create a script with no-permission or drop an object with no-permission.
> * Give this object to someone
> * Once delivered, rez the object in-world and open its content
> * Copy all its contents (scripts including) into inventory
> * The contents deliver into inventory
> This means that anyone can disassemble all the scripts, texture or anything inside out of an NO-MODIFY object, and steal them from the object and use them on other object even when the object is no-modify supposedly!
> No-mod does not allow anyone to unlink or edit any of the prims in the object, but why does it allow people to dissemble its content and remove them out of the content and put it in the inventory and then use those parts to build their own object?  That is not what NO-MODIFY means.
> This is a big SECURITY RISK because someone can potentially take the payment script out of a NO-MODIFY object and put it into your own object and steal money from someone else.
> To make it clearer, you cannot drop things (scripts, textures or whatever) into the content of the no-mod object, BUT you can take things (scripts, texture, etc.) out of it from the object.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.secondlife.com/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        


More information about the Jira-notify mailing list