On Mon, Jan 31, 2022 at 09:22:52PM +0100, Tomas Härdin wrote: [...] > It strikes me that this borders on incorporating business logic within > lavf. A user could achieve the same thing with a small shell script. > For example adding an alias that inspects calls to ffmpeg and sed:s > ipfs:// URLs accordingly
That sounds like a security nightmare the ffmpeg command line is complex, there are filters, strings for thinsg like drawtext, there is metadata possibly and links can occur at different places some of this may be controlled by a user (= attacker) seperating the actual links out to modify them and just them is no easy feat thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB There will always be a question for which you do not know the correct answer.
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
