Am 21.07.2014 21:27, schrieb Reindl Harald: > Am 21.07.2014 21:20, schrieb Nicolas George: >> Le tridi 3 thermidor, an CCXXII, Tom Evans a écrit : >>> Shell'ing to run ffprobe gets you the same data; using software with >>> known exploits is much more insecure than making sure you correctly >>> escape filenames. >> >> And it is even better to make sure not to _need_ to escape filenames > > that was not the question > > the question is between using known unsecure software > where *every* input file could lead to code execution > or escape filenames > > using *knowingly unsecure* software in environments > where users can submit input files is just stupid > > you have two choices: > > * update and find a solution for your needs > * don't offer a specific service if you can't do it secure
and if it comes to ffmpeg and "my users need instant feedback" you always can setup a own apache instance allowing shell-execute which provides a restricted webservice running only on 127.0.0.1 and called by the public website - this has it's own "php.ini" that way you can configure sane "disable_functions" blocking any shell code and so secure Joomla or whatever is running on the public webserver i did that years ago for a very large project where instant images of incoming video streams was needed on a public website for any public webserver unconditionally open_basedir and the blacklist below is the way to go and no known vulnerable software installed disable_functions = "apache_child_terminate, chown, dl, exec, fileinode, get_current_user, getmypid, getmyuid, getrusage, highlight_file, link, mail, openlog, passthru, pclose, pcntl_alarm, pcntl_errno, pcntl_exec, pcntl_fork, pcntl_get_last_error, pcntl_getpriority, pcntl_setpriority, pcntl_signal_dispatch, pcntl_signal, pcntl_sigprocmask, pcntl_sigtimedwait, pcntl_sigwaitinfo, pcntl_strerror, pcntl_wait, pcntl_waitpid, pcntl_wexitstatus, pcntl_wifexited, pcntl_wifsignaled, pcntl_wifstopped, pcntl_wstopsig, pcntl_wtermsig, pfsockopen, popen, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, shell_exec, show_source, socket_accept, socket_bind, symlink, syslog, system
signature.asc
Description: OpenPGP digital signature
_______________________________________________ ffmpeg-user mailing list [email protected] http://ffmpeg.org/mailman/listinfo/ffmpeg-user
