[MPlayer-users] md5 checking

caedes caedes at leprau.de
Tue Apr 13 21:15:15 CEST 2004


alvin.mpeg at ns.linux-1u.net wrote:

>hi ya paul
>
>  
>
>>On Mon, 12 Apr 2004 17:50:21 -0700 (PDT)
>>alvin.mpeg at ns.linux-1u.net wrote:
>>
>>    
>>
>>>[...]
>>>- its to prevent mplayer from playing files it should not display :-)
>>>      
>>>
>>for instance?!?!?
>>    
>>
>
>xxx movies ...  some folks will object to those movies
>being played on a public/shared mpeg player
>
>- a script wrapped around mplayer wont help, because the
>  cracker can simply make their own playlist and bypass the
>  "self checK security script" ( invoke mplayer directly )
>
>- if mplayer -md5 option is compiled into the mplayer binary, than 
>  it'd be a lot harder for script kiddie to modify the playlist
>  and also provide the md5 of the mpegs from a url that is 
>  hard coded into the player
>
>- just wondering ... that's our answer to the question of
>  minimizing the risk of playing unauthorized movies
>
>c ya
>alvin
> 
>  
>
hi

what about just putting the authorized movies onto the "public/shared 
mpeg player" and give no access to internet/lan (or restrict 
downloadfilesize) and no access to cdrom/dvd-drive?

 "- the location of the md5 directory can be in ~/.mplayer/config
	- should be 2 or 3 places to get the md5 for any file"

if the "scriptkiddie" is able to modify the playlist, it'll also be able to alter the md5s i guess


- caedes




More information about the MPlayer-users mailing list