[FFmpeg-devel] 答复: [PATCH] fftools/ffmpeg_ffplay_ffprobe_cmdutils: add -mask_url to replace the protocol address in the command with the asterisk (*)

[Wujian(Chin)]

>Marvin Scholz (12022-12-19):
> I agree, but then the docs should probably mention that to not give a 
>> false sense of absolute security here. And maybe note that it might

>Indeed, documentation is necessary.

Is it appropriate to describe this document? Please give some suggestions. Thank you , everyone.

fftools-common-opts.texi 
@item -mask_url -i @var{url} (@emph{output})
If the protocol address contains the user name and password, the ps -ef
command exposes plaintext. The -mask_url parameter option is added to
replace the protocol address in the command line with the asterisk (*).
Because other users can run the ps -ef command to view sensitive
information such as the user name and password in the protocol address,
which is insecure.
@example
ffmpeg -mask_url -i rtsp://username:password-ip:port/stream/test
@end example


>> be a better option to pass the password via stdin or hide the process 
>> from other users to completely avoid leaking the password.

>Unfortunately, as far as I know, we do not have any mechanism of the kind. That would be useful.

>Regards,

--
>  Nicolas George
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel at ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".