[FFmpeg-devel] [PATCH 2/2] avformat: add protocol_whitelist

Michael Niedermayer michael at niedermayer.cc
Wed Jan 27 15:33:59 CET 2016


On Wed, Jan 27, 2016 at 02:04:06PM +0100, Michael Niedermayer wrote:
> On Sun, Jan 24, 2016 at 07:39:18PM +0100, Nicolas George wrote:
> > Le quintidi 5 pluviôse, an CCXXIV, Michael Niedermayer a écrit :
[...]
> > 
> > > another problem of the struct is that depending on from which lib
> > > the protocols are set the same protocol may have unequal pointers
> > > 
> > > which system do people prefer ?
> > > do we have a volunteer to implement a struct based system ?
> > > 
> > > do people want the string based solution to be applied till then
> > > or to not have this security feature until then ?
> > 
> > Do we want a good fix, or do we want a quick fix? As I explained earlier, a
> > good fix requires designing a real security policy, not just a stupid
> > whitelist. It will take time.
> 
> a fix, good or not that isnt implemented is useless
> 
> I am not really attracted to the design you suggest, to me its worse
> in several ways but above all its alot more work. So I dont volunteer

to elaborate and avoid misuderstanding

redesigning Codec, Format and Protocol registration does make sense
iam not against that at all

but iam not motivated to implement that, its alot of work and
it feels alot more limited if used as the only way to whitelist
things instead of a seperate whitelist.
For example the string could easily be extended to support
specific chains of protocols like "https->tls->tcp" so that the user
is not allowed to directly pass tcp/tls urls but only https and https
itself then is only allowed to access tls, ...

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

In fact, the RIAA has been known to suggest that students drop out
of college or go to community college in order to be able to afford
settlements. -- The RIAA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20160127/4d644a18/attachment.sig>


More information about the ffmpeg-devel mailing list