How secure are scripts today?

[Gregory McLeod]

I am developing a system which currently requires a password to be loaded by the script and is used for all communications between prims and between the prims and a a website.

Setting up a new instance of the system requires someone in authority to be present when the prims are "built" and load the password into the objects. This is obviously time consuming and prevents a distribution of a copy of the system to a new owner.

So my question/s

If all the prims can only be edited by a pre-named avatar and the scripts within the prims are all locked (permissions) can I assume that noone can get at the script content?

I am aware that dumping the prims to another environment has in the past meant that the content is n ot secure. Is this still the case?

TIA

 

[Rolig Loon]

Scripts are all handled server side, so you can't hack your way into one through the viewer, if that's part of your worry.  That makes scripts the most secure assets in SL.  As long as you make a script no mod, nobody can break into it without your permission (well, except a Linden).  I'm not sure how wide-reaching your concern about dumping a prim into another environment may be, but I can't see that carrying a prim around and rezzing it in new places is going to make it any easier to hack its scripts.  Unless I'm missing something.

[Gregory McLeod]

Hi Rolig,

I am sure I have heard of one of the environments (no names to protect my sanity) into which if you copied a Prim with scripts the scripts would if executed then become available. They are after all assets without which there aouwld be no purpose copying. My memory is not clear of exactly when this was possible but since my birth in SL.

I accept your comments  as of now.

I will have to confirm this before I jump as losing the scripts for this system could be expensive (for me).

 

[Rolig Loon]

I'm still not clear about what sort of "environments" you're thinking about.  If the new environment is another grid, then I don't see how a script is going to port over unless you have full perms on it.  If you're concerned about another region in the Main Grid, again, I can't think of a way that you can hack the permission system to see into a no-mod script.  I do have a very vague memory of a security flaw back in 2008 or thereabouts, but it's very vague.  The fact that I haven't heard any talk about it in recent years tells me that it was plugged years ago ... whatever it was.

I'm personally as confident as I can be that scripts are unhackable.  To get past the perms, you'd have to use a Linden tool to crack them, and only Lindens have the God powers to do that.

[Ron Khondji]

I think he might be talking about copybot.
Of wich I do not know if it can copy scripts.

[Freya Mokusei]

---

Ron Khondji wrote:

I think he might be talking about copybot.

Of wich I do not know if it can copy scripts.

---

It cannot copy scripts.

[Gregory McLeod]

To all who replied, thank you very much for reassuring me. I can now start work on rejigging the system confident that I would not be exposed to suits.

I have taken the best advice available!