[vlc-devel] Lua extension and vlc.misc

Rémi Denis-Courmont remi at remlab.net
Tue Feb 28 21:05:51 CET 2012


On Tuesday 28 February 2012 21:41:16 Jean-Baptiste Kempf, you wrote:
> On Tue, Feb 28, 2012 at 08:31:13PM +0200, Kaarlo Räihä wrote :
> > Do these contain full paths? (e.g. /home/myname or
> > c:\users\peter.jackson) Because some people might complain about privacy
> > violations, like they did with automatic album art downloads.
> 
> This statement about privacy of folders is even more ridiculous, that any
> .dll plugin of VLC has access to all of those.

Plugins are native code, so yeah they have full user permissions.

> And plugins can be automatically loaded, with the right score.

Plugins execute code at the time of enumeration. They don't need a non-zero 
score to blow up the system.

> While, by default extensions are not loaded.

Hmm? How do we get the extension name then?

> And we do not sign .dlls.

Since when does v.o offer external plugins for download?

We do have a site for extensions. People are quite right to expect that 
extensions cannot harm their systems if they get them from v.o, just like they 
expect vetted Firefox extensions and mobile phone apps not to harm them.
There are only two ways to do that:
- review (not applicable to a volunteer organisation),
- sandboxing.

I advocated sandboxing *before* someone else went and merged the then bug-
ridden extension code without any thinking on security aspects. Someone just 
pushed this through not long before the release, because it was so cool and so 
urgent to get it in.

-- 
Rémi Denis-Courmont
http://www.remlab.net/
http://fi.linkedin.com/in/remidenis


