[FFmpeg-devel] Would a crypto file be acceptable?
Gregor Riepl
onitake at gmail.com
Fri Dec 23 19:45:15 EET 2022
> I can't find a single thing about this in the ffmpeg documentation.
> How is this called, where can I read more about it and - most importantly -
> does it work out of the box?
No, it does not.
This was a suggestion that sounds like a better option than a custom
metadata descriptor file that is only used for one particular use case,
at least to me.
> Regardless, this would be a rather big security hole as a potential key
> would be plainly visible in url logging.
> Therefore "hiding" it in a file is probably a better and more secure
> approach.
The same applies to your custom descriptor file, of course. Especially
if it's stored on disk, as ramdisks/pipes/sockets aren't as ubiquitous
as you might think.
More information about the ffmpeg-devel
mailing list