[mythtv] hello and question
raymond at wagnerrp.com
Fri Dec 21 02:38:19 UTC 2012
On 12/20/2012 16:43, Michael Watson wrote:
> The users dont have access to the Myth Protocol, only XBMC Does!
You do realize that if users can run XBMC which speaks to mythbackend
over the internal protocol, they can run whatever the hell else they
want to communicate using the internal protocol. Restrictions
implemented client-side are absolutely meaningless when the user can run
any client they choose. Security measures must be in place on the
backend, and there are currently next to none. The protocol is
unauthenticated, in plain text, and the only real protection measures
anywhere in it are simple sanity checks to prevent clients from
breaching the boundaries of the storage path roots.
More information about the mythtv-dev