Pages

Tuesday, February 10, 2009

WARNING! Transfer security exploit

Last night we were tipped about a major security issue for all content creators in Secondlife.
I managed to create a copy of a non transfer item and give it to James. Once given the original permissions are reverted.
Anonymous: I was given information that results in any NO TRANSFER object now being turned into a TRANSFERABLE object. My friend was give 2 items which when in inventory are full permissions and can be given out
Our source then walked us through the simple process.
We will not tell you how it is done, or who showed us, but this is a major issue for all creators in SL.
JamesT Juno: we took a horse we had ourselves and made a copy we could sell or give away
JamesT Juno: we tried it too
JamesT Juno: we COULD reproduced it very easily

This has been reported to security@lindenlab.com and we hope they will act quickly to protect the already harassed content creators.

Hello, and thank you for your report to the Second Life security team.
This list is for reporting security issues that might compromise residents or the Second Life Grid.

We hope they do move fast before more find this method out and content creators lose more.

We will keep you updated on any replies from Linden Lab.

JamesT Juno
Dana Vanmoer
Click images to see full size

UPDATE:
Thank you for reporting this issue. I have created a security
ticket on your behalf (SEC-***) with the details that you provided.
We have been able to confirm what you reported and will be
escalating this to our development team who will ultimately deal
with the issue.

No comments:

Post a Comment