I've been working on such a prototype, but it's a lot of work. Knowing that you probably need to IPC several Gb/s between them. Probably do a multi-process media player, like Chrome is doing, with parsers and demuxers in a different process, and different ones for decoders and renderers. The point is, all those features have good reasons to exist and very good use cases but the issue is that for a media player, it will request almost all permissions except GPS and address book.Īnd quite a few of them are very close to kernel mode. you need access to the fonts and the fonts configuration (see fontconfig).Īnd I probably forgot one or another case. you need to unzip, untar, decrypt, decipher and so on you need to expose an IPC (think MPRIS on Linux) you need access to mounts to be able to see the insertion of DVD/Bluray/USB/SD cards and such you need access to the system settings to disable screensavers, and adjust brightness you need access to the network, as input and output (think remote control) many OpenGL client libraries need access to the /etc too you need access to /etc/ (registry) for proxy informations, fonts configuration and accessibility on linux, you have access to x11 for the 3 above features, which is almost root you need access to the DSP acceleration (not always the GPU) you need access to the audio stack, also in low-level mode you need access to the GPU stack, which is running in kernel-mode, btw, to output video and get hw acceleration you need raw access to /dev/v4l* for your webcams and be able to control them you need ioctl on such devices, to pass the MMC for DVD/Bluray
you need raw access to /dev/* to play DVD, CD and other optical disk (and the equivalent on Windows) you need the same if ever you have a database of files (media center oriented) you need to be able to open files without user interactions (no file picker), in order to open playlist, MXF or MKV files If you sandbox an application like VLC, in the current way of doing sandboxing, which we've done for macOS, WinRT/UWP, and snaps, you still need a lot of permissions. So, let me share some light on the sandboxing for multimedia (I work on VLC).
KODI SUBTITLES ZIP
no protection against zip files extracting files to parent directories).
KODI SUBTITLES ARCHIVE
The Kodi issue was a zip archive path traversal (i.e.
KODI SUBTITLES CODE
The article implies that VLC and the others are affected by the same issue (leading to code execution), but according to available information it seems to be completely different issues. Likely the javascript runtime they're using allows file access and execution of arbitrary executables, enabling the metasploit shell shown in the demo.įor VLC there are a bunch of out of bound reads and heap buffer overflows.į2b1f9e subtitle: Fix potential heap buffer overflowĦ11398f subtitle: Fix potential heap buffer overflowĮcd3173 subsdec: Fix potential out of bound readĦ2be394 subsdec: Fix potential out of bound readħ75de71 subtitle: Fix invalid double increment. Looks like PopcornTime was rendering subtitle text as HTML, inside their app (html/js-based), creating an XSS vector (looking at.
0 kommentar(er)
