Archive for March, 2008

Toward a Server Enforced Security Model

Saturday, March 8th, 2008

When Second Life was a closed source application, the programmers often relied on the client to enforce certain constraints and security checks. This was always a risky security policy, as even a closed source client can be modified. Now that Second Life is open source, this design is severely outdated.

Most everyone is familiar with megaprims, that is, prims larger than the normal 10 meter limit. While these are useful, they are a result of the client enforcing a 10 meter limitation on prim size, while the server did not enforce a limitation. This was only one early hint that this security model was becoming obsolete and long overdue for an overhaul.

More recently, due to the lack of server side enforcement, there have been exploits that allowed someone to read the source code of any LSL script, to read a notecard they did not otherwise have permission to read, and, fixed only very recently, an exploit that allowed anyone to take free copies of any item straight from the contents of a vendor. This recent exploit even allowed someone to duplicate as many copies of a no-copy item as they wanted.
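A minimal sketch of the server-enforced model argued for above, added here as an example and not Second Life code: `Server`, `Item` and the permission fields are hypothetical names, and only the 10 meter limit comes from the post. Every check runs against server-held state, whatever the client sends.

```python
from dataclasses import dataclass

MAX_PRIM_SCALE_M = 10.0  # the 10 meter limit named in the post


class Denied(Exception):
    """Raised when the server refuses a request."""


@dataclass
class Item:  # hypothetical server-side record, not Second Life's data model
    owner: str
    can_copy: bool
    can_read: bool  # may non-owners view the script or notecard body
    body: str = ""


class Server:
    """Hypothetical server that treats every request field as untrusted."""

    def __init__(self, items):
        self.items = dict(items)  # item_id -> Item, the authoritative state

    def set_scale(self, requester, item_id, scale):
        item = self.items[item_id]
        if requester != item.owner:
            raise Denied("not the owner")
        # Re-check the limit even though the stock client also checks it.
        # NaN fails the comparison, so it is rejected as well.
        if len(scale) != 3 or not all(0 < a <= MAX_PRIM_SCALE_M for a in scale):
            raise Denied("scale out of range")
        return tuple(float(a) for a in scale)

    def read_body(self, requester, item_id, client_says_allowed=False):
        item = self.items[item_id]
        # client_says_allowed is deliberately ignored: only server state counts.
        if requester != item.owner and not item.can_read:
            raise Denied("no read permission")
        return item.body

    def copy_item(self, requester, item_id, new_id):
        item = self.items[item_id]
        # No-copy applies to the owner too; non-owners cannot pull copies at all.
        if requester != item.owner or not item.can_copy:
            raise Denied("copy not permitted")
        self.items[new_id] = Item(item.owner, item.can_copy, item.can_read, item.body)
        return new_id
```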
