On Mon, 2015-05-04 at 07:42 +0200, Fabian Greffrath wrote: 
> It should be handled on the application level. The library's job is to
> parse and execute that stuff, not user interaction.
Well, that's just the point... I think this *is* a user decision.
"Do you want to execute foreign code?"

Nothing that the system could decide for the user.

It's, as I've said, similar to the Java Plugin case, where the user is
asked as well.


> Maybe because it will be über-annoying to have to click away a debconf
> question each time you install e.g. "vlc" because you want to watch a
> DVD or listen to music or something else? Who will be really qualified
> to properly answer a question about such an implementation detail of the
> Bluray standard upon installation of a probably entirely unrelated
> package?
Not really a problem, is it? That question would only be asked once, on
the first installation, and people could then either follow the default
choice, or one could provide a "simple" explanation as well.


> This will be about as helpful as the "certificate exception" click-away
> dialog in Firefox
Well, but those dialogs are important... if you don't have them, TLS would
be even more useless than it already is.
And if a user is stupid and clicks it away blindly without
reading/understanding it, that's his fault.
But that's not a reason that those who properly do their homework have
to suffer as well.

> Alright, fine. But how about this for libc6?
> 
> "This library contains string manipulation functions that may read
> and/or write beyond array boundaries and are known to be exploitable.
> They may be called by foreign and even malicious code and even if they
> are run in a virtualization environment [...]"
That's quite a difference... because for the latter you still need to
first get some code locally where you do this.
If you install some software, which uses any C lib function
insecurely... well that's a security hole.

But here we just play a video, nothing where one would naturally assume
that foreign code gets executed.

As I've said, simply compare it with the Java Web Plugin example.
It's basically the same, conceptually.

Cheers,
Chris.

_______________________________________________
pkg-multimedia-maintainers mailing list
pkg-multimedia-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers