Make Experience permissions work like permissions in phone apps
Nyx Onyx
Today when you accept or deny an Experience it's an all-or-nothing thing. I think an Experience should only ask for the permissions it requires, and when requesting permission from the Resident it should be possible to specify required perms, and optional perms: denying a required perm should have the same effect as if you denied the entire Experience, while the scripts should be aware of which optional Experience permissions has been granted and which ones has not been and work accordingly. Similarly, a phone app intended for taking photos and allowing you to tag friends in the photos will require the camera permission, but accessing contacts can be made optional, while the app should not have access to for example take screenshots of other apps running on the phone, sending SMS or making calls.
A bunch of shops now use Experiences to let you teleport to various places in the store, and I guess for other features as well. While I might not mind being teleported, I might not want to hand the keys away for controlling my viewer in other ways.
Log In
Journey Bunny
Yes please!
I've made some mock-ups of the 3 interfaces; Experience Owners could set permissions to Required or Enabled, depending on whether they're need-to-have or nice-to-have, and then I've got a mock-up of how users could be presented with the options.
It came up recently in discussions about eep and the ability for an experience to take advantage of the permission to create a nice setting, versus a user having a need to stop it from doing so, possibly having to resort to Personal Lighting. I think this setup adds middle ground for experiences to have hard-line requirements and softer "nice-to-haves" and sets a tone of trust with experiences.
(This would be Experiences 2.0, and ofc, all existing experiences would just be treated as v1, all-required ones)
Wulfie Reanimator
Giving Experience owners the ability to pick and choose which permissions their experience uses would be a great feature.
It helps with user confidence, since a lot of people complain about not knowing what an experience does / what permissions it uses.
However it shouldn't be possible to partially decline Experience permissions, it would take away from Experiences being used for seamless functionality.
The phone analogy doesn't really apply in SL since Experience permissions don't have security implications. They can't read your files, listen to your microphone, or watch your webcam.
nickvrtis Resident
At a minimum, it would be helpful to at least know what permissions the experience is requesting/we are granting.
Nyx Onyx
nickvrtis Resident The problem is that it's all or nothing as it stands today. If you allow the experience, you give it the keys to all functions an Experience can possibly do. I don't know if this list is complete, but even if you don't combine it with RLV then this is a lot.... https://wiki.secondlife.com/wiki/Category:LSL_Permissions/Experience Of course you can report the Experience Owner after the fact, but why shouldn't we have a more fine-tuned control to begin with?