[vlc-devel] [PATCH] Mark some options as safe
Rémi Denis-Courmont
remi at remlab.net
Wed Mar 11 13:53:10 CET 2009
On Wed, 11 Mar 2009 13:05:07 +0100, Frederik Kriewitz
<frederik at kriewitz.eu> wrote:
> The Patch is marking some options, which are commonly needed if VLC
> is used as a streaming client, to be safe to allow usage in playlists.
I am not confident that caching values are safe, if using inadequately
large or small values. RTP misorder and dropout values are in a similar
situation. I could be too pessimistic here.
http-reconnect is a horrible hack in the first place. I believe making this
option safe would enable DDoS attacks through the VLC client.
I suspect vout-filter can be used as a proxy for any random setting (e.g.
"filter{opt1=val1,opt2=val2}"). If this is true, it's a non-starter.
--
Rémi Denis-Courmont
More information about the vlc-devel
mailing list