[FFmpeg-devel] [PATCH 2/2] avformat: add protocol_whitelist

Nicolas George george at nsup.org
Sun Jan 24 21:32:59 CET 2016

Le quintidi 5 pluviôse, an CCXXIV, Andreas Cadhalpun a écrit :
> No. It would have prevented the issue with hls.

Reacting to known attacks by ad-hoc hole-plugging is no way of building
proper security.

> But it's usually only used with local files.

I do not know that. Do you?

> Why not?

Because remote files can be more sensitive than local ones. Because some
environment may download files, turning remote to local.

> How?

I do not know, but you can assume that someone knows and is selling that
information to the highest bidder.

We know that playlists can be abused to leak information. Reimar was warning
about it years ago. People implemented them nonetheless, and guess what, it
did cause information leak.

Now, your reaction is among the lines "the burglar left a footprint in front
of that window, let us wall it". I say no, walling is overkill, and walling
only that particular window is useless. We need to properly lock all the


  Nicolas George
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20160124/31f4edcc/attachment.sig>

More information about the ffmpeg-devel mailing list