[mythtv-users] myth video settings

Yan-Fa Li yanfali at best.com
Tue Nov 2 02:04:09 UTC 2004


John Patrick Poet wrote:
> On Mon, 1 Nov 2004, Yan-Fa Li wrote:
> 
> 
>>Neato!
>>
>>John, I really like that solution because it scales so much better.
>>However my security paranoia tells me that's a potentially huge gaping
>>security hole since you just take and execute an arbitrary string.
> 
> 
> 
> True, this does have a security hole.  My "frontend" is behind a firewall,
> so I am not terribly concerned.  If you have a suggestion on how to plug
> that hole, I am willing to look into it.
> 
> 

Well the first issue is it's a pure shell script you're building, which 
is fraught with issues.  It's flexible however since it allows arbitrary 
execution.  So a list of "acceptable" program paths for execution ala 
/etc/shells might be useful.

If we convert it to XML:

<pre-vidplay>
	<command path="/usr/X11R6/bin/xrandr">
		<arg switch="-s" value="640x480"/>
	</command>
</pre-vidplay>
<vidplayer>
	<command path="/usr/bin/mplayer">
		<arg switch="-fs"/>
		<arg switch="-zoom"/>
		<arg switch="-aspect" value="1.85"/>
		<arg switch="-quiet"/>
		<arg switch="-cache" value="8192"/>
		<arg switch="-vo" value="xv"/>
		<arg switch="-ao" value="alsa"/>
	</command>
</mplayer>
<post-vidplay>
	<command path="/usr/X11R6/bin/xrandr">
		<arg switch="-s" value="888x500"/>
	</command>
</post-vidplay>

Something like the above.  Though I understand that it looks like total 
overkill compared to your solution, however it's relatively simple to 
see what's going on and edit it, plus it takes care of your pre and post 
events.  Then you can parse the paths for acceptable binaries.  Discard 
any "special" characters and it should be relatively safe and not too 
slow.  If you're super paranoid, even restrict which switches are 
acceptable in the binaries list, automagically discarding any which 
don't meet the spec.

<approved-binaries>
	<command path="/usr/bin/mplayer">
		<arg switch="-fs"/>
		<arg switch="-zoom"/>
		<arg switch="-aspect"/>
		<arg switch="-cache"/>
		<arg switch="-quiet"/>
		<arg switch="-vo"/>
		<arg switch="-ao"/>
	</command>
	<command path="/usr/X11R6/bin/xrandr" switch="-s"/>
</approved-binaries>


Yan


More information about the mythtv-users mailing list