Showing posts with label scripting. Show all posts
Showing posts with label scripting. Show all posts

Tuesday, December 22, 2009

Eye on the Blog: Script Limits

Second Life is a rich and engaging interactive world due to scripts. Every time you open a door, fly a plane, sail a boat, use a vending machine or dance in a night club a Resident authored script is interpreting your interactions to make things happen.

Unfortunately the current scripting system does not include any mechanism to limit the number of scripts that can be added to the world or attachments on avatars. This allows both malicious Residents to cripple simulators by running huge numbers of scripts and well meaning Residents to accidentally run more scripts than a simulator can cope with.

When too many scripts are running in a region the server simulating that region runs out of memory, dramatically increasing the lag experienced in all regions running on the same server. This is especially noticeable in homestead regions as more homesteads run on a single server. In addition, when an avatar with many scripted attachments enters a region the simulator has a lot of work to do setting up the scripts to run in the new process, causing a lag spike that can be noticed by all Residents using that region.

At Linden Lab we are working with Mono developers to reduce the lag spikes experienced when scripts enter a region, adding scripting functions that allow more efficient scripts to be authored and building a system for limiting the resources used by scripts on a per m^2 and per avatar basis.

We're also working very hard to analyse the current memory usage by scripts across the grid to determine the best values for script limits that minimise the lag caused by simulators running out of memory while affecting as few Residents as possible.

We're planning to make script memory usage along with our proposed script limits visible to all Residents for an extended period before enforcing any limits. This will give us time to gather feedback on the proposed limits and identify any situations where we're going to be imposing unreasonable restrictions and give will give you time to compare your usage against the proposed limits, give us feedback and have plenty of time to prepare.

I'm looking forward to working with you all towards a lag free and more efficient Second Life in 2010.

Posted by Babbage Linden in the Second Life Blog.

Read comments under the blog post Here.

Sunday, May 4, 2008

ACE releases security risk info as a warning:

On Friday Intlibber Brautigan announced on the ACE Ancapistan website that a sercurity risk had been discovered that could allow those with specialised knowledge to recover the ATM scripts in bytecode format and transform them back into LSL scripting when ATMs were taken over parcel or sim borders.
Mr Brautigan informed Soft Linden of this vulnerability. However this breach was not unknown in fact it had been reported as much as a couple of months ago, Linden lab did not see fit to inform the residents. A patch was sent out about 4 weeks ago, but, because it was kept so quiet there may be many who didn't know of this and they may need to update their scripts.
Mr Brautigan also tried to inform SLeXchange of the possible threat with little response at the time, since then this message has appeared on the SLX forum:
"I just wanted to post here to reassure you all that there is no reason to worry; there is no security breach. Your account information, your items, and your L$ and USD are safe.
SL Exchange has been a viable and reliable service functioning securely with and within Second Life for almost four years. Shortly after first launching the site it became obvious that LSL scripts should not be "trusted" to A) work correctly or B) be secure. It is for that reason that the bulk of our security as well as nearly all of our logic / intelligence resides on our own servers. Furthermore, these routines have been specifically engineered and fine-tuned over the years so that problems with Second Life such as technical failures, security exploits, or whatever else, will have the least effect possible to SL Exchange."

Hopefully with the patch in place and very few people actually able to take advantage of this hole not too much damage has/will be done.
Its good to see some warning others of the possible threat though - maybe there is hope for human nature out there in our little world of SL.
Subscribe to: Posts (Atom)