[vlc-devel] Playlist item options security et al
Rémi Denis-Courmont
rem at videolan.org
Mon Dec 24 19:01:46 CET 2007
Le lundi 24 décembre 2007, Pierre d'Herbemont a écrit :
> On Dec 24, 2007, at 6:35 PM, Pierre d'Herbemont wrote:
> > What about simply lowering the m3u-extvlcopt Error message to a
> > Dbg message? The freebox module is fine without extvlcopt, and
> > extvlcopt doesn't add much...
>
> hum... Apparently they need:
>
> #EXTVLCOPT:ts-es-id-pid
> #EXTVLCOPT:no-video
> #EXTVLCOPT:audio-track-id=1001
>
> We could simply allow certain 'safe' options, such as those, when
> parsing m3u.
That's what I already stated several times. Indeed, the ASX parser
already does uses some playlist item options in a similar way. That
however would NOT work if certain insecure options (such as sout or
demux-dump) were needed. In this later case, a new
dedicated "restricted" sout option/plugin seems like the only safe
solution.
Another option is for Free users to use Free's own wrapper around VLC.
extvlcopt option can be enabled there.
As with JB's _amazing_ work on the Qt4 plugin and as with human beings
in general, the unhappy ones are much more noisy (or then nobody likes
me trying to fix VLC security issues). That won't make me change my
mind, I've long since grown used to doing ungrateful tasks (cleaning up
the API and the build system being another ones).
While I'm on it, thanks for those keeping the forums alive, and taking
care of the servers, ML moderation and builds. Some very much needed
and ungrateful stuff that I don't do.
Merry Christmas.
--
Rémi Denis-Courmont
http://www.remlab.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.videolan.org/pipermail/vlc-devel/attachments/20071224/3f501dbe/attachment.sig>
More information about the vlc-devel
mailing list