overreacting (was: Re: [MPlayer-dev-eng] uau - svn account removal)

Michael Niedermayer michaelni at gmx.at
Mon Feb 26 03:19:57 CET 2007


On Mon, Feb 26, 2007 at 04:03:26AM +0200, Uoti Urpala wrote:
> On Mon, 2007-02-26 at 01:26 +0100, Michael Niedermayer wrote:
> > if such changes are tolerated mplayer will soon be a trojanized application
> > as noone can or will review such changes for malicious code
> You're seriously using the chance that I might intentionally add
> vulnerabilities as a reason?

OF COURSE NOT you but its possible that someone else tries possibly
with a cracked account ...
its a not so unlikely scenario, getting a svn account is easy ...

and mallicious code which is executed every time is way more effective
than some buffer overflow which is dependant various other factors like
gcc, and kernel and of course a video file which exploits it ...


Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

No snowflake in an avalanche ever feels responsible. -- Voltaire
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/mplayer-dev-eng/attachments/20070226/0a8e0c07/attachment.pgp>

More information about the MPlayer-dev-eng mailing list