[vlc-devel] [PATCH 14/14] upnp_server: add the upnp server module

Alaric Senat dev.asenat at posteo.net
Tue Mar 23 18:36:17 UTC 2021


I think Sean's concern was unrelated to the UPNP server and more to the 
the medialibrary is accessible to every module, even those that 
have to deal with it (decoders, muxers, etc.)

On Tue, Mar 23, 2021 at 13:42, Rémi Denis-Courmont <remi at remlab.net> 
> In particular, you obviously can't just expose the content of the playlist
> to the network without strong authentication.

The UPNP server doesn't expose the main playlist. However, what it does
expose is the medialibrary which raises the same problematics you are 
about I think.

On Tue, Mar 23, 2021 at 13:42, Rémi Denis-Courmont <remi at remlab.net> 
> Not at all. It's not about preventing the UPnP code within the same
> instance from accessing the playlist. It's about restricting remote
> access to the playlist through the UPnP code. The UPnP code can very well
> restrict itself what of the playlist it exposes, without any process
> isolation.

The current implementation of the server exposes most of the medialibrary (ml)

Basically what it means is that, with the default setup of the ml, if the upnp
server module gets loaded by error or by an untrusted source, it 
the media content of `~/Music/`, `~/Movie/` and potentially other ml
lookup entry points on the local network.

This issue can be a bit less of a problem if we:
	- Clearly notify the user that their upnp server is running, via the UI for
	- Add ml content exposure restrictions in the upnp server where it, by
	  default, exposes nothing and the user has to specify exactly what
	  he wants exposed at each server startup (if that's the kind of 
	  you are talking about).

