[vlc-devel] Patch for ticket 1371 (security policy)
Damien Fouilleul
damien.fouilleul at laposte.net
Fri Feb 8 20:28:51 CET 2008
that patch sounds interesting but i think we can do better than that
by replacing b_explicit with the name of the object creating that
option, i.e CLI would be "main". That way we can specialize the
security policy on a per creator basis.
as before, the default policy would be to prompt, but and you could
create a list of trusted creators whose policy is to allow unsafe
options (CLI, rc, telnet, etc...), and similarly you could create an
untrusted list of creators whose policy is to block unsafe options,
etc... all controllable through the CLI, i.e
--default-security-policy=prompt
--trusted-security-list="main, rc, telnet"
--untrusted-security-list="asx, m3u"
etc...
Damien
On 8 Feb 2008, at 15:34, Rafaël Carré wrote:
> Hello,
>
> Here is a patch which allows unsafe options explicitely selected on
> command line.
>
> The problem is that it doesn't detect --sout="#XXX" , since it's
> parsed
> in another place, and I don't know sout enough to know if sout chain
> can
> be passed ONLY by command line.
>
> That'd be nice to finally sort this out, in order to release 0.8.6e
>
> --
> Rafaël Carré
> Index: src/misc/variables.c
> ===================================================================
> --- src/misc/variables.c (revision 24984)
> +++ src/misc/variables.c (working copy)
> @@ -1110,6 +1110,8 @@
> case 1: /* allow */
> break;
> case 2: /* prompt */
> + if( p_config->b_explicit )
> + break;
> {
> char description[256];
> snprintf(description, sizeof(description),
> _("playlist item is making use of the following unsafe option '%s',
> which may be harmful if used in a malicious way, authorize it ?"),
> psz_name);
> Index: src/config/chain.c
> ===================================================================
> --- src/config/chain.c (revision 24984)
> +++ src/config/chain.c (working copy)
> @@ -331,6 +331,8 @@
> case 1: /* allow */
> break;
> case 2: /* prompt */
> + if( p_conf->b_explicit )
> + break;
> {
> char description[256];
> snprintf(description, sizeof(description),
> _("playlist item is making use of the following unsafe option '%s',
> which may be harmful if used in a malicious way, authorize it ?"),
> psz_name);
> Index: src/config/cmdline.c
> ===================================================================
> --- src/config/cmdline.c (revision 24984)
> +++ src/config/cmdline.c (working copy)
> @@ -278,6 +278,9 @@
> p_conf = config_FindConfig( p_this, psz_name );
> if( p_conf )
> {
> + p_conf->b_explicit = VLC_TRUE;
> +
> /* Check if the option is deprecated */
> if( p_conf->b_removed )
> {
> @@ -340,6 +343,9 @@
> /* A short option has been recognized */
> if( pp_shortopts[i_cmd] != NULL )
> {
> + pp_shortopts[i_cmd]->b_explicit = VLC_TRUE;
> +
> switch( pp_shortopts[i_cmd]->i_type )
> {
> case CONFIG_ITEM_STRING:
> Index: include/vlc_configuration.h
> ===================================================================
> --- include/vlc_configuration.h (revision 24984)
> +++ include/vlc_configuration.h (working copy)
> @@ -192,6 +192,7 @@
> vlc_bool_t b_unsaveable; /* Config should
> be saved */
>
> vlc_bool_t b_safe;
> + vlc_bool_t b_explicit; /* Explicitely requested on command
> line */
> };
>
> /
> *****************************************************************************
> _______________________________________________
> vlc-devel mailing list
> To unsubscribe or modify your subscription options:
> http://mailman.videolan.org/listinfo/vlc-devel
_______________________________________________
vlc-devel mailing list
To unsubscribe or modify your subscription options:
http://mailman.videolan.org/listinfo/vlc-devel
More information about the vlc-devel
mailing list