Le primidi 1er pluviôse, an CCXXIV, Michael Niedermayer a écrit : > From: Michael Niedermayer <mich...@niedermayer.cc> > > This should prevent the unintended use of concat
I am rather against this patch and the corresponding for subfile: these protocols are not harmful by themselves, they are dangerous if and only another protocol or format allows untrusted sources to provide arbitrary URLs. This kind of preemptive blacklisting is bound to fail (new protocols are added frequently, and they may be more dangerous than just concat or subfile) and only mitigates a few of the possible attacks. If people start to care about playlist-based security issues (Reimar used to warn about it long ago), a cross-protocol solution needs to be found. Regards, -- Nicolas George
signature.asc
Description: Digital signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
