Notecard in contents of prim: Delete but not copy, LSL can read it but no one else?

[Domitan Redenblack]

I want to put notecards of info into an object which has a script that can read the lines.

I want the owner to be able to delete notecards and add new ones.

Some notecards I want to be able to delete, but not copy or read by people.

 

Any suggestions?

 

Ty

 

[Dora Gustafson]

Why can't you just give them permissions accordingly?
(i.e. Next owners permissions)

[Domitan Redenblack]

Permissions are extraordinarily confusing. The prim itself comes in two versions (1) Modify, noCopy, Transfer and (2) Modify, Copy, noTransfer.

I don't want the notecards inside messing with those abililties.

Some of the notecards inside the prim are full perms; no brainer there. You can delete and read and modify them as you wish.

To set allow-delete but not-read, not-modify, not-copy of a notecard, which perms should be set when on the notecard? And does this muck up the perms of the prim containing it?

Can a notecard inside an prim be read by the LSL script in the prim no matter what the notecard's perms are?

What if I drop in another script to read it and report to local chat etc? Do I need to check updates/additions and delete any scripts which are dropped in on CHANGE ?

This is not a simple open-and-shut issue, thanks.

 

 

[Dora Gustafson]

A script contained with a note card can read the card no matter the card permissions.

The only way through this mess is by trial and error
To that end an Alt is invaluable

If permissions are important I wouldn't dare not to run a test with an Alt

[Qie Niangao]

There's bound to be some end-user inconvenience resulting from the discrepancy between "The prim itself comes in two versions (1) Modify, noCopy, Transfer and (2) Modify, Copy, noTransfer" and "Some notecards I want to be able to delete, but not copy or read by people."  Any no-copy contents such as these notecards will have to be removed before that object can actually be copied.

On the plus side, because the object itself is modifiable, its contents can be deleted by the end user, regardless of the permissions on those contents themselves.  So you don't have to worry about any special "delete" permissions.

Also, the object will show in Inventory as having no perms at all

Like Dora, I have to test permissions every time I make anything for anybody else to use.  Off the top of my head, I couldn't tell you what the permissions have to be in order to keep a notecard from being human-readable, and that's what I'd be trying to determine and work with, if I had this problem. (I suspect that Copy permission completely determines human ability to read the contents, but I'd sure want to test that.)

It's important to note, however, that a significant share of the SL population knows to use a script to read any notecard they encounter that's not human-readable, so it's nowhere to keep real secrets.  For that, you might switch to storing the contents as string constants in a script, or communicating with an http server.

[Nova Convair]

A no mod notecard in a no mod object can't be deleted. But you can take out the notecard into inventory and read it. (if you delete the NC it vanisches but if you close and reopen the edit window you see it's still there)

A no mod no copy notecard in a no mod no copy object can't be deleted, but you can take it out and not back in. And you can NOT read the notecard.

For all the other combinations, take a sheet of paper and an alt and test it.

[Domitan Redenblack]

So dropping a script into the prim can then read the notecard that is "locked" .... How should I prevent this?

 

 

[Nova Convair]

---

Domitan Redenblack wrote:

So dropping a script into the prim can then read the notecard that is "locked" .... How should I prevent this?

 

 

---

Make prim no mod.

[Darkie Minotaur]

You could store and retrieve whatever you have in the nc out-world and get it from there - with as many Fort Knox meassures as you deem necessary.

[Domitan Redenblack]

---

Nova Convair wrote: Make prim no mod.

---

Needs to be mod to add/delete notecards, I think.

[Nova Convair]

Yes

It needs to me mod if the customer is allowed to add delete something to the object.
It needs to be no mod if the customer must not add scripts to the object.
The notecard inside needs to be no mod no copy if it's supposed to be unreadable.

If that doesn't fit your needs - well - get another idea, encrypt the notecards, whatever, you have to live with it.

[PeterCanessa Oh]

To prevent copying and reading the notecard and prim must be no-mod and no-copy.  To allow delete simply offer that as a menu-option or command and then delete the notecard by script.  To allow adding notecards provide another 'gatekeeper' object, which is mod, and script, which is not.  Owner adds notecard to gatekeeper, gatekeeper passes notecards to 'locked' object, gatekeeper deletes everything except the script still in its contents.

[Qie Niangao]

---

... Owner adds notecard to gatekeeper,

gatekeeper passes notecards to 'locked' object

, gatekeeper deletes everything except the script still in its contents.

---

Will that work?  The wiki says: 

• If destination object is not modifiable then inventory is not transferred and a Blocked by permissions error is shouted on the DEBUG_CHANNEL.

Won't that defeat the gatekeeper?

I still think the simplest, quickest way to have text not viewable by the end-user is to store it as strings in a script. The other way is to feed it from a server, either external or in-world, where the in-world approach needs redundancy to handle sim downtime, or could be supplied with the product -- a kind of "gatekeeper" that passes text rather than a notecard containing the text.

EDIT: I've been reminded that permissions of the containing object can mask the permissions of notecards contained within, so it would be important to test what's visible from Inventory, as well as what can be seen when the notecard is inside the object's contents.

[Domitan Redenblack]

---

Qie Niangao wrote: I still think the simplest, quickest way to have text not viewable by the end-user is to store it as strings in a script. 

---

That means that you get less than half the 64k limit (1975 limits) to use.

[Domitan Redenblack]

Interesting, it appears that you can drop (at least) notecards and textures into items which are No-Modify, but you cannot drop scripts into them. So this retains security for the object notecards.

Using a menu to delete notecards appears to be the best way to solve this, with the Object set to No-Modify.

Of course, the creator retains all permissions, yes?

 

[Nova Convair]

---

Domitan Redenblack wrote:

Of course, the creator retains all permissions, yes?

 

---

The permissions you set are not for you the creator they are the "next owner permissions", thats the one you or your vendor gives it to.

That's why you need an ALT to test it. You cannot test it yourself.

[PeterCanessa Oh]

---

Qie Niangao wrote:

---

Will that work?  The

wiki says

: 

• If 
  destination
   object is not modifiable then 
  inventory
   is not transferred and a 
  Blocked by permissions
   error is shouted on the 
  DEBUG_CHANNEL
  .

 

---

Bugger!  Good catch :-)