[vlc-devel] [PATCH 2/2] cli: also mark --cli-host as deprecated
Rémi Denis-Courmont
remi at remlab.net
Sat Nov 21 14:57:58 CET 2020
Le lauantaina 21. marraskuuta 2020, 13.00.00 EET Pierre Ynard via vlc-devel a
écrit :
> > (This was from the removed Lua RC interface.)
> > ---
> >
> > modules/control/cli/cli.c | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/modules/control/cli/cli.c b/modules/control/cli/cli.c
> > index 1cd3f846cf..91dce3d311 100644
> > --- a/modules/control/cli/cli.c
> > +++ b/modules/control/cli/cli.c
> > @@ -793,6 +793,7 @@ vlc_module_begin()
> >
> > #endif
> > #endif
> >
> > add_obsolete_string("rc-host") /* since 4.0 */
> >
> > + add_obsolete_string("cli-host") /* since 4.0 */
> >
> > set_capability("interface", 20)
>
> It does fix the limbo state that this option had fallen into, but as
> I explained in #25204, I believe it would be better to keep the TCP
> mode feature and have the CLI keep honoring --cli-host in addition to
> --rc-host.
TCP mode as it stands cannot be kept because it's a trivial RCE (or local
escalation on loopback) regardless of the RC implementation. There are only
two options, replace it or remove it.
Thing is, there are already several replacements, Unix socket mode (local),
HTTP controls (remote) being the obvious ones, so the question is kind of moot
- unless we plan to drop those too (which I doubt).
--
Rémi Denis-Courmont
http://www.remlab.net/
More information about the vlc-devel
mailing list