[FFmpeg-devel] [PATCH] ipfsgateway: Remove default gateway

Michael Niedermayer michael at niedermayer.cc
Tue Aug 16 00:47:53 EEST 2022


On Mon, Aug 15, 2022 at 08:35:18PM +0100, Derek Buitenhuis wrote:
> On 8/10/2022 11:27 PM, Derek Buitenhuis wrote:
> > A gateway can see everything, and we should not be shipping a hardcoded
> > default from a third party company; it's a security risk.
> > 
> > Signed-off-by: Derek Buitenhuis <derek.buitenhuis at gmail.com>
> > ---
> >  libavformat/ipfsgateway.c | 11 ++++-------
> >  1 file changed, 4 insertions(+), 7 deletions(-)
> 
> I've been asked by almost all the active developers on FFmpeg at this
> point to push this while we debate the error message, gateway list / solution,
> nuking, etc.
> 
> I quintuple checked on IRC it was OK for me to push in the meantime. Logs are
> there.
> 
> Many distros/packagers have already backported this patch to 5.1 themselves,
> as they really (shockingly) do not want a default gateway.
> 
> So: Pushed.
> 
> Let us continue the discussion on the other aspects of this topic.
> 
> (Please do not send me hate mail or harassment. I really did check.)

I'd just like to note that many of these statements are not untrue but also
not exactly true the way they are written. That begins with the commit message
"it's a security risk.", sure it is one for some definition of risk but
after this patch there is more risk in practice for the average end user.

I would be careful with the distros which backported this. Honestly
I would question these distros' security more than the security of the
gateway. Because I don't think they reviewed this.
It says this now:
                   "IPFS does not appear to be running.\n\n"
                   "Installing IPFS locally is recommended to "
                   "improve performance and reliability, "
That removes the gateway (because it can't be trusted and replaced it
by a literal recommendation to install their software)
replace logging by code exec ... either you trust them or not

No, I am not angry or anything like that at all. I am also not asking for any
revert or anything and I fully acknowledge that there seems to be a clear majority
for the removal of the default.
I just have to point this out because I think something went a bit wrong here.

Also some of the argumentation today on IRC about crypto & NFTs felt a
bit like the "distant dark past" where random projects and random people were
attacked.
If one was concerned that using a default gateway could be seen
as endorsement by us. Be concerned please about how FFmpeg looks
when its developers attack other projects on its official development IRC channels.

thx


[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

If a bugfix only changes things apparently unrelated to the bug with no
further explanation, that is a good sign that the bugfix is wrong.