[mythtv] hello and question

Raymond Wagner raymond at wagnerrp.com
Fri Dec 21 02:38:19 UTC 2012

On 12/20/2012 16:43, Michael Watson wrote:
> The users dont have access to the Myth Protocol, only XBMC Does!

You do realize that if users can run XBMC which speaks to mythbackend 
over the internal protocol, they can run whatever the hell else they 
want to communicate using the internal protocol. Restrictions 
implemented client-side are absolutely meaningless when the user can run 
any client they choose. Security measures must be in place on the 
backend, and there are currently next to none. The protocol is 
unauthenticated, in plain text, and the only real protection measures 
anywhere in it are simple sanity checks to prevent clients from 
breaching the boundaries of the storage path roots.

More information about the mythtv-dev mailing list