MOO-cows Mailing List Archive

Re: Pueblo and Java.

Date: Fri, 8 Nov 1996 14:02:35 PST
From:
myoung+@pitt.edu (R. Michael Young)
Cc: John Leone <john@rdz.stjohns.edu>, moo-cows@parc.xerox.com
Content-Type: text/plain; charset="us-ascii"


>> > In any event those are my thoughts in this very preliminary stage.  The
>> > method is a security breach though, if someone knew the code, they could
>> > just send the player the url of nude babes on ice or something(chuckle)
>> >

I think there are really two types of objections that are being discussed
here.  One is where people place inappropriate audio or graphic material on
objects that are pueblo-ized.  The other is when unscrupulous players send
audio and graphic URLs to a pueblo client independent of the execution of
any URL-requesting verb by the player owning the client's session.

The first is a content issue.  It should be dealth with based on each MOO's
content policy.  The second, though, seems of a different kind.  Perhaps a
solution like MCP's authentication method could be used to ensure that any
URLs sent to a URL-smart client came from the server and not from a
spoofing player?  In this way, only URLs attached to objects or verbs could
be sent to clients.  As  a result:

1. ownership (and corresponding responsibility) would be easy to determine

2. Users would be able to avoid the offending material by avoiding the
verbs that resulted in their presentation.

-M


Mind the gap.
R. Michael Young
myoung+@pitt.edu
http://www.isp.pitt.edu/~young

Prev: Re: Pueblo and Java.
Next: Re: Pueblo and Java.
Index: MOO-cows
Thread: MOO-cows

Home | Subject Index | Thread Index