Package: libbluray-bdj Version: 1:0.5.0-2 Severity: normal
Hi. AFAIU, BD-J allows BluRays to run some Java code for an "extended experience"... No even if that was sandboxed... we all know how problematic this is with respect to security and that Java has a really bad record in terms of that. In the end this probably means, that if installed, more or less arbitrary code from BluRays (especially video BluRays) may be executed. I think that at least the package description should clearly warn the user about that, since many people may not fully realise what BD-J means. And IMHO it would be even better, if libbluray-bdj was "disabled" by default, even when installed... like that any function of it simply returns an error, or that it's not loaded by libbluray unless some configuration file enables it explicitly. Cheers, Chris. _______________________________________________ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
