[vlc-devel] [PATCH 14/14] upnp_server: add the upnp server module
Rémi Denis-Courmont
remi at remlab.net
Wed Mar 24 14:44:52 UTC 2021
Le tiistaina 23. maaliskuuta 2021, 20.36.17 EET Alaric Senat a écrit :
> Hi,
>
> I think Sean's concern was unrelated to the UPNP server and more to the
> way the medialibrary is accessible to every modules even those that
> shouldn't have to deal with it (decoders, muxers, etc.)
Sean's mail was not that specific. It just points out in a rhetorical question
that access to the media library should be restricted.
> The UPNP server doesn't expose the main playlist. However, what it does
> expose is the medialibrary which raises the same problematics you are
> talking about I think.
Fair enough, whatever. Playlist, media library, local file system, it all
faills under the same umbrella of private user data. It can only be shared to
authorized peers.
> Basically what it mean is that, with the default setup of the ml, if
> the upnp server module gets loaded by error or by an untrusted source, it
> exposes the media content of `~/Music/`, `~/Movie/` and potentially other ml
> lookups entry points on the local network.
No way. We've already been through this with the HTTP interface. And that was
literally 18 years ago, before Cambridge Analytica or Snowden, and before the
law took data protection seriously.
We simply cannot just expose user data to the network unauthorized. 18 years
ago, the password protection of the HTTP interface would have been barely
adequate. Nowadays, it's piss poor.
We can't merge something with even *worse* security in 2021.
> This issue can be a bit less of a problem if we:
> - Clearly notify the user that their upnp server is running, via
the UI for instance.
Sorry but no. That does not help at all. In all likelihood the computer is
unattended, VLC is not visible, or the user won't pay attention.
Besides, it's not a problem of *when* UPnP is enabled. It's a problem of *who*
can do *what* with it. Stating the obvious here, but authorized and
unauthorized clients will coexist.
--
レミ・デニ-クールモン
http://www.remlab.net/
More information about the vlc-devel
mailing list