Forums


Threat levels

Creating scripts

Threat levels

Postby Handy Low » Thu Apr 06, 2017 12:48 pm

I'm surprised to discover that osMessageObject(), which has a threat level of "low" according to the OpenSim docs, apparently cannot be executed by a visitor to a world.

The error I'm getting is:
Code: Select all
[05:28] System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> OpenSim.Region.ScriptEngine.Shared.ScriptException: OSSL Runtime Error: osMessageObject permission denied. Script creator is not in the list of users allowed to execute this function and prim owner also has no permission.
  at OpenSim.Region.ScriptEngine.Shared.Api.OSSL_Api.OSSLError (System.String msg) <0x41325240 + 0x00084> in <filename unknown>:0
  at OpenSim.Region.ScriptEngine.Shared.Api.OSSL_Api.CheckThreatLevel (ThreatLevel level, System.String function) <0x40f226b0 + 0x000ab> in <filename unknown>:0
  at (wrapper remoting-invoke-with-check) OpenSim.Region.ScriptEngine.Shared.Api.OSSL_Api:CheckThreatLevel (OpenSim.Region.ScriptEngine.Shared.Api.Interfaces.ThreatLevel,string)
  at OpenSim.Region.ScriptEngine.Shared.Api.OSSL_Api.osMessageObject (LSLString objectUUID, System.String message) <0x40fedef0 + 0x00043> in <filename unknown>:0
  at OpenSim.Region.ScriptEngine.Sha


The script works fine for the owner of the world, but a visitor executing the script in a prim they own (as an attachment) gets that instead.

Are low-threat functions like this really not allowed except for world owners? Or is there something else happening here?
Handy Low
User avatar
Handy Low
 
Posts: 231
Joined: Fri Nov 08, 2013 3:38 pm
Location: Yorkshire, England
Has liked: 206 times
Been liked: 140 times

Re: Threat levels

Postby Ilan Tochner » Thu Apr 06, 2017 2:47 pm

Hi Handy,

As per https://www.kitely.com/virtual-world-news/2012/04/18/supported-ossl-functions/ osMessageObject is limited to objects that are owned by the owner of the world the function is called in.

Our evaluation of the risk inherent in each function call is similar but not exactly the same as the default OpenSim threat levels. The aforementioned Kitely article defines the function access permissions in Kitely.
User avatar
Ilan Tochner
 
Posts: 4101
Joined: Sun Dec 23, 2012 8:44 am
Has liked: 1829 times
Been liked: 2164 times

Re: Threat levels

Postby Handy Low » Thu Apr 06, 2017 3:10 pm

Thanks, Ilan. It looks like each object is going to have to have a listener open, then.
Handy Low
User avatar
Handy Low
 
Posts: 231
Joined: Fri Nov 08, 2013 3:38 pm
Location: Yorkshire, England
Has liked: 206 times
Been liked: 140 times

Re: Threat levels

Postby Ilan Tochner » Thu Apr 06, 2017 3:17 pm

We'll look at osMessageObject implementation again to see if things changed since we decided on the classifications quite a few years ago. If we conclude it can be made more widely accessible then we'll do so.
User avatar
Ilan Tochner
 
Posts: 4101
Joined: Sun Dec 23, 2012 8:44 am
Has liked: 1829 times
Been liked: 2164 times

Re: Threat levels

Postby Handy Low » Thu Apr 06, 2017 3:23 pm

Thanks Ilan. Much appreciated - it would be so much better if we could use osMessageObject like this. It's an insanely useful and efficient function.
Handy Low
User avatar
Handy Low
 
Posts: 231
Joined: Fri Nov 08, 2013 3:38 pm
Location: Yorkshire, England
Has liked: 206 times
Been liked: 140 times

Re: Threat levels

Postby Ramesh Ramloll » Thu Apr 06, 2017 3:30 pm

Thanks Ilan, though I am not keeping my hopes up. In any case, I feel that your focus is probably elsewhere now and we will adjust our presence accordingly in time to come. Looking forward to seeing all the good things that High Fidelity brings to the table as the transition happens.
User avatar
Ramesh Ramloll
 
Posts: 141
Joined: Sun Jan 13, 2013 5:16 pm
Has liked: 48 times
Been liked: 121 times

Re: Threat levels

Postby Ilan Tochner » Thu Apr 06, 2017 3:56 pm

Thank you Ramesh but any new service option we add will be an addition, not a replacement, for our existing OpenSim-based offering. There is really no need to look for alternatives for OpenSim-based services given that we have no plans to take anything away from what we offer for OpenSim. In any case, it is always best practice to wait for our official announcements before deciding what their implications may be.

Ever since we've started our business we've been very transparent with our plans, have given advanced notice in cases when it was relevant and have made sure people have full answers to all their questions once we made our official announcement. Discussing Kitely's High Fidelity based offering at this time is very premature.
User avatar
Ilan Tochner
 
Posts: 4101
Joined: Sun Dec 23, 2012 8:44 am
Has liked: 1829 times
Been liked: 2164 times


Return to Scripting

Who is online

Users browsing this forum: No registered users and 1 guest