On 08.01.2010 13:27, Manuel Reimer wrote:
> the INSTALL file in the VDR source code says:
> WARNING: DUE TO THE OPEN SVDRP PORT THIS PROGRAM MAY CONSTITUTE A
> ======= POTENTIAL SECURITY HAZARD! IF YOU ARE NOT RUNNING VDR IN
> A CONTROLLED ENVIRONMENT, YOU MAY WANT TO DISABLE SVDRP
> BY USING '--port=0'!
> This is a solution, but it also makes it impossible to use svdrpsend.pl on
> the local VDR and so makes scripts fail, which want to send status messages
> to VDR and makes it impossible to to remap the power key to call
> "svdrpsend.pl HITK POWER".
> A much better solution would be to allow to just open the SVDRP port on
> "localhost", so only local software is able to use it and the port is not
> accessible from network.
> I've attached a patch, ...
What about svdrphosts.conf?
# svdrphosts This file describes a number of host addresses that
# are allowed to connect to the SVDRP port of the Video
# Disk Recorder (VDR) running on this system.
127.0.0.1 # always accept localhost
#192.168.100.0/24 # any host on the local net
#126.96.36.199 # a specific host
#0.0.0.0/0 # any host on any net (USE THIS WITH CARE!)
vdr mailing list