Jump to content

Forced Teleportation Griefing

broy12211488313522
 Share
You are about to reply to a thread that has been inactive for 4335 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

LRV Krimmer

LRV Krimmer

Posted
Posted

i was in the group of people broy1221 is talking about and yes cause one of our freinds was driving around in a car that u half have to attach to the avatar so it went with him but in reverce dirty people can use it to push traffic up and me myself didnt even have a cancel butten to stop it we was in the greifers control untill i logged out and broke conection

Link to comment
Share on other sites
GothGirl Demonia

GothGirl Demonia

Posted
Posted

I am looking for the new Force Teleportation script I saw it being used in the SandBox today but I can't seem to find one if anyone has it drop it by my SL inventory if you wish I will make some good use of it, and can think of a few things id like to try with it.

I believe that if I am right this would totally change the way StarGates for example work in Second Life and offer some new perks like the game portal you know people who made the portal guns?

Thanks :3.

Link to comment
Share on other sites
Perrie Juran

Perrie Juran

Posted
Posted

16 wrote:

oh! ok

was thought you maybe wanted the nawti one. sry

Marianne provide the link above to the proper one:

is an example script on there that show you how to use. is pretty good to make stargates and portals and stuff like that

Nah, I think she just wants to get herself perma-banned.  She did say in another thread she was quitting SL anyways.

Link to comment
Share on other sites
Perrie Juran

Perrie Juran

Posted
Posted

Ceka Cianci wrote:

i thought these things were supposed to go to members that qualified for them?

or is this something else?

 

You raise a very good point here.  In his original blog post Rodvik did state:

"One of the key goals of Linden Realms was to learn more about what tools Residents could use to develop richer experiences in Second Life — and boy, did we learn a lot! In Q1 2012 , we will be releasing new tools used to develop Linden Realms, which will allow Residents to create even richer original experiences in Second Life. To prevent abuse of these tools, we will introduce a "creators" program in which verified members will be given access to these very powerful capabilities."   (my bolding)

http://community.secondlife.com/t5/Featured-News/CEO-Rodvik-Humble-Shares-Highlights-From-2011-and-his-Outlook/ba-p/1298823

Apparently the security flaw was deeper than just having the function enabled.

Regardless of who is given access to these tools, a land owner should have the ability to turn the function OFF on their property.  Really, just like 'damage,' it shouldn't be ON by default.

Link to comment
Share on other sites
Ceka Cianci

Ceka Cianci

Posted
Posted

Perrie Juran wrote:

Ceka Cianci wrote:

i thought these things were supposed to go to members that qualified for them?

or is this something else?

 

You raise a very good point here.  In his original blog post Rodvik did state:

"One of the key goals of Linden Realms was to learn more about what tools Residents could use to develop richer experiences in Second Life — and boy, did we learn a lot! In Q1 2012 , we will be releasing new tools used to develop Linden Realms, which will allow Residents to create even richer original experiences in Second Life. To prevent abuse of these tools, we will introduce a "creators"
program in which verified members will be given access to these very powerful capabilities
."  
(my bolding)

Apparently the security flaw was deeper than just having the function enabled.

Regardless of who is given access to these tools, a land owner should have the ability to turn the function OFF on their property.  Really, just like 'damage,' it shouldn't be ON by default.

it will be interesting to see how  long it takes  before they get this resolved..

if they haven't already..

 

Link to comment
Share on other sites
Qie Niangao

Qie Niangao

Posted
Posted

Apparently the security flaw was deeper than just having the function enabled.

Shallower, actually, in that it had nothing to do with eXperience Permissions stuff at all. It was just a simple bug in the new LSL function, llTeleportAgent(), which can be used with common old permissions, too.  

As insane as it sounds, the bug was that PERMISSION_TELEPORT, once obtained, sufficed to teleport anybody, as long as it wasn't done on the one RC version (Magnum) where the function could actually compile.

One might suppose that all this was due to some vestigial code that made Linden Realms work for Linden-owned scripts without real XP.

Link to comment
Share on other sites
Perrie Juran

Perrie Juran

Posted
Posted

Qie Niangao wrote:

Apparently the security flaw was deeper than just having the function enabled.

Shallower, actually, in that it had nothing to do with eXperience Permissions stuff at all. It was just a simple bug in the new LSL function, llTeleportAgent(), which can be used with common old permissions, too.  

As insane as it sounds, the bug was that PERMISSION_TELEPORT, once obtained, sufficed to teleport
anybody
, as long as it wasn't done on the one RC version (Magnum) where the function could actually compile.

One might suppose that all this was due to some vestigial code that made Linden Realms work for Linden-owned scripts without real XP.

Thank you for clarifying.

I still don't know what the full purpose or reason for this function is, but further enlightenment notwithstanding, I am still presently of the opinion that a land owner should have the option on this function to turn it off or on.

Link to comment
Share on other sites
161488303349

161488303349

Posted
Posted

just comment on this and what you said later on below

the purpose of them is is to be able to make teleporters and portals like on the Realms

"experience permissions" dont have any permissions request like we normal understand them. like you not asked on a dialog to grant or deny. an experience script can assume that you have granted permission just bc it can detect your presence

so in one sense they more properly called a assumed-permission experience i think

assumed-permission experiences are a problem except on a dedicated sim or group of sims set up specifically for this. like on linden realms. when you leave the realms sims then the assumed-permissions are revoked when done as documented

they actual quite cool how they work when implemented the proper way

+

outside of a dedicated sim/sims group tho is quite problematic how to grant/revoke assumed-permssions

what linden did was graft these realms-style functions onto the existing permissions system, so we can get the normal accept/deny dialog. so thats ok

when they done the graft linden not implement it properly. was a case of WOMDCAC. works on my dev computer and channel

so what happened was some people made scripts that grab avatar uuids. a assumed-permission is then granted on other channels to the script and woosh!!!

you have to mod/write extra stuff to make a nawti one to do that way. like actual grab the uuids and then invoke the woosh

+

seems like linden has fixed now so will be ok

altho is a deeper problem i think. stuff not being tested properly. hopefully this will be a wake up for linden and they will be more careful to actual test stuff better in future

Link to comment
Share on other sites
161488303349

161488303349

Posted
Posted

Perrie Juran wrote:

I am still presently of the opinion that a land owner should have the option on this function to turn it off or on.

if was me i would make assumed-permissions a group enabled experience

if the script belong/assigned to the group and the player is wearing the group tag then the assumed permissions can apply. if not then they cant

that way is not parcel or land based. group owners can also then add/remove parcels to the group. where that can be tested for

so is a check server side

if isSameGroup then can assume permission when avatar is detected anywhere on the grid

if isSamegroup and isOverGroupLand then can assume and do/allow group land stuff

+

could also then make groups scriptable levels as well. that be quite good bc can then ask if avatar is in a level. like:

if isSameGroup and isGroupLevel("killonsight") then power up armor

if isSameGroup and isGroupLevel("goldcustomer") then give them some gold stuff

if isSameGroup and isGroupLevel("clubvip") then teleport to vip room

stuff like that

Link to comment
Share on other sites
GothGirl Demonia

GothGirl Demonia

Posted
Posted

LOL I am looking for the so called naughty one technically, and will be searching google until I find it.

Well I am looking for the one like Linden Lab has at the welcome areas where you just bump into the object and you are teleported to a destination I think it is pretty awesome so technically I guess people could abuse and have been but I like the way it works it can be used for some good purposes :3.

Some people are calling this an Exploit I am not sure if it is that.

Link to comment
Share on other sites
Pussycat Catnap

Pussycat Catnap

Posted
Posted

Perrie Juran wrote:

Ceka Cianci wrote:

i thought these things were supposed to go to members that qualified for them?

or is this something else?

 

You raise a very good point here.  In his original blog post Rodvik did state:

"One of the key goals of Linden Realms was to learn more about what tools Residents could use to develop richer experiences in Second Life — and boy, did we learn a lot! In Q1 2012 , we will be releasing new tools used to develop Linden Realms, which will allow Residents to create even richer original experiences in Second Life. To prevent abuse of these tools, we will introduce a "creators"
program in which verified members will be given access to these very powerful capabilities
."  
(my bolding)

The lindens have a history of being poor judges of character and working with people of shady ethics as a result...

 

Link to comment
Share on other sites
GothGirl Demonia

GothGirl Demonia

Posted
Posted

Yeah this is exactly what I was talking about I remember when I accidently bumped a Linden Realm teleporter i was instantly taken there, I feel this is a very great feature, and it is sad that such had to be abused recently because of not I had some good uses for such.... This is exactly what I talk about stupid griefers... Anyways I suppose if they add a feature similar to the Debit permissions that grants an object permissions to teleport you it wouldn't be so bad because then you grant it permission one time, and it has permission when you bump into it to teleport you...

However this can still be used as a griefer function by using a hud to spam a persons client with multiple objects so that their client crashes add that to all the known griefs you still have a griefer tool just not a teleportation grief, although maybe LL will come up to a solution to this although some clients actually have a block spam feature that works fairly well.

I can't wait for some of these new features :3.

Link to comment
Share on other sites
161488303349

161488303349

Posted
Posted

when linden fix the request permission for the normal style permissions system then we will get some of the things like autoteleport. wont be able to auto-teleport anyone tho without them agreeing by click the dialog. same like how animate requests work

+

the full on experience permissions like in the video we not going to get except under some yet unknown controlled system. dont think linden even knows how they going to do that yet. except by sandbox the sims like how they done on Realms

i am vote for a group permissions system. but might be to expensive to do. like have to make a whole new groups system to do i think. is maybe possible bc the normal groups system is kinda broken anyways bc of the load it now under

Link to comment
Share on other sites
Qie Niangao

Qie Niangao

Posted
Posted

the full on experience permissions like in the video we not going to get except under some yet unknown controlled system. dont think linden even knows how they going to do that yet. except by sandbox the sims like how they done on Realms

i am vote for a group permissions system. but might be to expensive to do. like have to make a whole new groups system to do i think. is maybe possible bc the normal groups system is kinda broken anyways bc of the load it now under

I'm not sure I'd favor group-based experience permissions. (I would favor a ground-up re-write of the groups system, but that's a different discussion.)

Overall, I think we need something more like the Android app permissions system, where we explicitly grant a bundle of permissions to an "experience", and then scripts that are part of that experience (share some secret token) can exercise those permissions until we decide to revoke them, as if we were uninstalling an app.

We really, really need to be able to revoke experience permissions, and review which experiences have which permissions on us.

There are lots of details hiding behind that magical "secret token" I invoked above. It's a fun design problem, but the Lindens have kept this whole experience tools thing shrouded in mystery wrapped in NDAs.

And we see how well that's worked out.

Link to comment
Share on other sites
161488303349

161488303349

Posted
Posted

Qie Niangao wrote:

We really,
really
need to be able to revoke experience permissions, and review which experiences have which permissions on us.

There are lots of details hiding behind that magical "secret token" I invoked above. It's a fun design problem

am agree about being able to revoke permissions. would just argue that if can revoke permissions then cant execute them yourself. like if you can revoke permissions to stop someone else shooting you with a portal gun then your portal gun shouldnt be able to work either

is why i thought some kinda group tag would be the easy way to enable/disable things. if not wear the group level tag then can wander round OOC all day and nothing will happen to you on the arena and you cant do anything to others either. no matter how many scripts you loaded up with

+

have no idea what linden is doing really. i never get invited to any sekrit meetings ever

unless the secret token is done soemhow like a temp session key then cant see how is going to stay secret for very long   

 

 

Link to comment
Share on other sites
You are about to reply to a thread that has been inactive for 4335 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...