World: r3wp

Chrome works like AltME and works just fine with the Windows 2000 
security model. It does this by putting the program and its files 
in the local settings directory, then checking it before running. 
MySpace IM used to do this to allow students to load the program 
onto half-locked-down computers at their schools without getting 
permission from the admins (I was one such admin, so this was annoying), 
but Chrome seems to be much less of a security hole. AltME could 
quite easily work the same way.

The real problem is that no program in some directory under the Program 
Files directory should be putting its data files (or allowing writing) 
to the same directory as the program files. That's a Win9x thing, 
and insecure. If programs that are running outside of the system 
directories run with less privileges, then all the better.

As it is, Win7 (and to a lesser extent Vista) do exactly that kind 
of workaround for bad programs under Program Files, redirecting their 
data files to another ProgramFiles directory under local settings. 
It's tricky, but not as tricky as trying to make the programs secure 
otherwise. However, if you put your program directory somewhere where 
it can't figure out that aliasing, the system has to assume that 
you know what you are doing and you have to act accordingly and fix 
the permissions on the directory to match what you want to do.

Of course, this is all a consequence of user-based security being 
kind of a bad idea in the first place.

Giving myself write privgs on the altme directory has fixed the issue. 
 Tiresome this.  What exactly is the security problem with storing 
data with programs?

the problem is that windows sucks; the "don't write here" is ms's 
work around that.

The real problem is that no program in some directory under the Program 
Files directory should be putting its data files (or allowing writing) 
to the same directory as the program files.


I don't agree with this.  In fact, I vote that we have sandboxes 
(that are also folders), and a company can do what ever they want 
in their own sandbox.

You get into problems when companies dictate that pre-installed apps 
are on a read only partition, or there is a disk quota.

to me the problem is that MS should have created a real application 
framework... actually, only Apple with OSX seems to be really close 
to this.


there should be THREE root directories and only three dirs for each 
application.  windows has dozens, which is crazy.
1. Application SOURCE data (.exe, libs, datafile, etc)
2. Application STORAGE data (game saves, defaults
3. Application Temporary data, flushed on program quit by the OS.


within Storage, you'd have application and user-based storage and 
that's it.


The os refuses to execute any file not within application source 
dir, so you have already clamped down on a lot of security issues. 
 a list of approved .exe is stored whenever you launch an application 
for the first time.


for a bit more flexibility, several application dirs could exist, 
so that you can do stuff like compile items and run them locally 
within your dev environment, but these dirs would be explicitely 
registered within the os.


on install the Application should be required to ask permission (like 
flash) in how much space will be stored within STORAGE if it exceeds 
a max default, independently of SOURCE.


The implementation of MyXxxx folders is completely horrendous, and 
should be a simple and ubiquitous form that has one entry for each 
media type, and a browser where you want to put your stuff (which 
might not be user-specific).


IIRC this was addressed in Vista, but then they went and added aliases 
to everything, which raises errors in the explorer, cause you can't 
use them.  They alias core windows directories in other languages, 
the result being that explorer and actual disk info are different! 
 this completely fucks up many applications (like rebol).


windows has a hard time "fixing" things... they always just patch 
it... its worse since they have a hard time starting with any good 
implementation of anything to begin with.

I agree with Maxim...


But will extend a concept, which is that there should also be a Shared 
space, for example, where a given application ALLOWs anyone (or specific 
other apps) to change the data.

From what I understand this is only a problem under Windows 7 for 
non-themed applications. Themed applications use a "virtual" location. 
(Perhaps some Windows expert can confirm this).


I guess it is unlikely that AltME will be converted to a themed application.

Reichart, i agree with you, but that doesn't work with user-based 
security. That is application-based security, something that Windows 
doesn't support. You can argue with what the security model should 
have been, but that doesn't affect what is.

PeterWood, that distinction isn't between themed applications and 
non-themed - that distinction is unrelated.

Maxim, the changes to Vista just make it work more like OS X and 
some Linux distributions. You can use similar methods to deal with 
the confusion to the ones that work on those platforms.

more like OSX? in what way?

A hidden legacy filesystem hierarchy with a user-friendly one overlaid 
on top. And the sensible one to use depends on what you want to do, 
but command line tools (like REBOL) can quite easily access both, 
if you know what you're doing.

Public posts in the REBOL3 AltME world have just topped 125,000.....
   http://www.rebol.org/aga-index.r

.....Add in non [web public] posts and the world is twice as large.


Carl replaced the original REBOL AltME world because it had grown 
too large. And that was with just 80,000 posts in total. We may be 
seeing an application of Moor's Law here :)

...Or Moor's laziness? :)

I hope AltME will support Unicode soon. I have a REBOL Chinese group, 
And I would like to move it here.

Altme is not developped anymore

i fear

Well.. Since Reb2 don't have Unicode it would be really hard to do 
Unicode support into AltME .. After version 3, who knows.. Though 
I have to say that I have no idea of the AltME status. Earlier I 
though it belongs to some 3rd party company that just Used Rebol 
as a devtool.

AltME is sort of "replaced" by R3 chat on R3, in that Carl usually 
doesn't visit this place very often and prefers R3 chat. The practical 
implementation of R3 chat is different and the outcome makes it serve 
a different purpose than AltME.

On IOS, it was the dreaded recycle bug .. here it is "internet busy 
..."  :(

Some info that I hope clarifies...

1. AltME is from Safeworlds, independent of REBOL Tech.
2. AltME is still being developed, but is waiting for R3.
3. AltME may be updated before R3. So, be sure to report bugs.

4. IOS was traded to Safeworlds. But, it may still be possible to 
get a trial release for users.

5. I use AltME quite often, but I must avoid lengthy conversations 
in order to get work done.

6. R3 Chat is a backend prototype for AltME 3.0 -- which in final 
form will be more like IOS (allow user-built reblets.)

So, still under development, glad to hear that.

So in Altme 3.0, the community can build plugins

Yes, a blend of AltME and IOS.

the most bad bug of Altme is the occassional registration of World 
names. Last happened last week. It happens every 2-3 months ...

I don't understand... can you explain the problem?

yes, I run two worlds - Xidys, Vertuzo. It happened at least 5 times 
in last two years, that I lost world registration with no reason. 
Docs state, that we loose world registration, if world is not available 
to Safeworlds servers for 10 days. But it was not the case.....

There has to be some bug somewhere ...

Did you pay for your worlds Pekr?

Graham - no.

I am trying to track down a nasty bug, not a business model

So it appears to be only an issue with unpaid worlds?

me too ...

Pekr, are you using AltServe or AtlME?

AltME only ...

So, you use AltME for both server and client.

But I can guarantee, that the worlds are used. I was online the same 
day, and in few hours, worlds were not accessible, and altme.com/check 
stated world names being available. That should not happen.

Note that AltME when used as a server must be able to ping port 5500 
at regular intervals. That's how Safeworlds keeps your world registered.

If the Safeworlds server does not see the ping, then it cannot reset 
the timer on your world.

yes, I run 50 mikrotik routers, I know what I am doing :-) But - 
you say I need to open port 5500 INTO my network?

There are only two ways this can happen (that I can think of):
1. you have 5500 blocked (outgoing)

2. you are using AltServe (not AltME) and it does not ping (because 
it is commerical)

I just don't know how to track it down. The only thing I can follow 
is docs, which state, that altme.com tries for 10 days ... but it 
is not the case.

Try this in REBOL:
close open tcp://www.safeworlds.com:5500

everything enablet (outgouing)

I can grep the log... 1 min.

It has to be open - I am right now on my own network.