[MPlayer-dev-eng] Re: Re: Moving the audio plugins to libmpcodecs - design of plugin management
D Richard Felker III
dalias at aerifal.cx
Thu Jun 20 09:21:33 CEST 2002
On Wed, Jun 19, 2002 at 07:10:50PM +0200, Eric Lammerts wrote:
>
> On Wed, 19 Jun 2002, D Richard Felker III wrote:
> > > 5. Network socket ?
> >
> > Directly listening to a network socket is almost surely insecure.
>
> If your network is secure (like mine at home), it doesn't matter at
> all. All we need to do is disable it by default, and mention in the
> manpage that enabling it has security implications.
"Firewalled off from everything" is not my definition of secure.
That's called crippled. "Secure" is not running crap that yields
access to people it shouldn't. Making programs controllable through a
TCP socket is just bad security design, unless you intend on
implementing a full authentication system in the program, which is far
beyond the scope of a movie player.
Rich
More information about the MPlayer-dev-eng
mailing list