From: Peter martin <peter@naiadhome.com>
To: unlisted-recipients:; (no To-header on input)
Cc: linux-kernel@vger.kernel.org
Subject: Re: [RFC] vtunerc: virtual DVB device - is it ok to NACK driver because of worrying about possible misusage?
Date: Sun, 11 Dec 2011 18:45:30 +0000 [thread overview]
Message-ID: <4EE4FA4A.6030909@naiadhome.com> (raw)
In-Reply-To: <4EDF71AE.5070509@linuxtv.org>
One thing I have not seen addressed here is security. I've had a brief
scan of the code, but there does not appear to be any mechanism to
authenticate/authorise remote access to the vtunerc devices. In a home
entertainment environment, this is not too serious, but In a non-closed
network, for example a commercial installation in a hotel, what is to
stop a rogue client from accessing a tuner and potentially causing
mischief by changing settings, More seriously pulling a full MPTS of
decrypted content from a CI card, which would make content providers
most unhappy!
I don't know enough about kernel modules doing networking, but do the
packets go through the iptables route, and do things like DSCP still get
taken note of?
vtunerc sounds like a neat idea, but I am worried by the back doors it
opens up. Sorry if I've missed something obvious here!
Pete Martin
On 07/12/2011 14:01, Andreas Oberritter wrote:
> On 07.12.2011 14:49, Mark Brown wrote:
>> On Tue, Dec 06, 2011 at 03:48:27PM +0100, Andreas Oberritter wrote:
>>> On 06.12.2011 15:19, Mark Brown wrote:
>>>> Your assertatation that applications should ignore the underlying
>>>> transport (which seems to be a big part of what you're saying) isn't
>>>> entirely in line with reality.
>>> Did you notice that we're talking about a very particular application?
>> *sigh*
>>
>>> VoIP really is totally off-topic. The B in DVB stands for broadcast.
>>> There's only one direction in which MPEG payload is to be sent (using
>>> RTP for example). You can't just re-encode the data on the fly without
>>> loss of information.
>> This is pretty much exactly the case for VoIP some of the time (though
>> obviously bidirectional use cases are rather common there's things like
>> conferencing). I would really expect similar considerations to apply
>> for video content as they certainly do in videoconferencing VoIP
>> applications - if the application knows about the network it can tailor
>> what it's doing to that network.
>>
>> For example, if it is using a network with a guaranteed bandwidth it can
>> assume that bandwidth. If it knows something about the structure of the
>> network it may be able to arrange to work around choke points.
>> Depending on the situation even something lossy may be the answer - if
>> it's the difference between working at all and not working then the cost
>> may be worth it.
> Once and for all: We have *not* discussed a generic video streaming
> application. It's only, I repeat, only about accessing a remote DVB API
> tuner *as if it was local*. No data received from a satellite, cable or
> terrestrial DVB network shall be modified by this application!
>
> Virtually *every* user of it will use it in a LAN.
>
> It can't be so hard to understand.
> --
> To unsubscribe from this list: send the line "unsubscribe linux-media" in
> the body of a message tomajordomo@vger.kernel.org
> More majordomo info athttp://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2011-12-11 18:45 UTC|newest]
Thread overview: 83+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-11-30 21:38 [RFC] vtunerc: virtual DVB device - is it ok to NACK driver because of worrying about possible misusage? HoP
2011-11-30 21:52 ` Michael Krufky
2011-12-01 0:09 ` Andreas Oberritter
2011-12-01 11:04 ` Mauro Carvalho Chehab
2011-12-01 14:58 ` HoP
2011-12-01 17:38 ` Mauro Carvalho Chehab
2011-12-01 19:59 ` HoP
2011-12-01 20:38 ` Mauro Carvalho Chehab
2011-12-01 22:55 ` Andreas Oberritter
2011-12-02 11:14 ` Mauro Carvalho Chehab
2011-12-02 11:40 ` Rémi Denis-Courmont
2011-12-02 11:48 ` Andreas Oberritter
2011-12-02 12:05 ` Rémi Denis-Courmont
2011-12-02 11:57 ` HoP
2011-12-02 17:33 ` Mauro Carvalho Chehab
[not found] ` <3D233F78EE854A4BA3D34C11AD4FAC1FDD141F@nasanexd01b.na.qualcomm.com>
2011-12-05 18:16 ` V4L2 driver node directory structure under /video directory Mauro Carvalho Chehab
2011-12-02 17:49 ` [RFC] vtunerc: virtual DVB device - is it ok to NACK driver because of worrying about possible misusage? Rémi Denis-Courmont
2011-12-02 18:16 ` Andreas Oberritter
2011-12-02 18:28 ` Andreas Oberritter
2011-12-02 23:19 ` Alan Cox
2011-12-03 0:37 ` HoP
2011-12-05 10:21 ` Florian Fainelli
2011-12-05 14:28 ` HoP
2011-12-05 15:16 ` Alan Cox
2011-12-05 15:18 ` Michael Krufky
2011-12-06 0:16 ` HoP
2011-12-05 17:39 ` Mauro Carvalho Chehab
2011-12-05 20:41 ` Andreas Oberritter
2011-12-05 20:55 ` Alan Cox
2011-12-05 21:20 ` Andreas Oberritter
2011-12-05 21:54 ` Alan Cox
2011-12-06 11:18 ` Mark Brown
2011-12-06 12:01 ` Andreas Oberritter
2011-12-06 13:10 ` Mauro Carvalho Chehab
2011-12-06 13:35 ` Andreas Oberritter
2011-12-06 14:13 ` Mauro Carvalho Chehab
2011-12-06 14:38 ` Andreas Oberritter
2011-12-06 15:06 ` Mauro Carvalho Chehab
2011-12-06 15:36 ` Manu Abraham
2011-12-06 11:21 ` Mark Brown
2011-12-06 12:01 ` Andreas Oberritter
2011-12-06 14:19 ` Mark Brown
2011-12-06 14:48 ` Andreas Oberritter
2011-12-07 13:49 ` Mark Brown
2011-12-07 14:01 ` Andreas Oberritter
2011-12-07 16:10 ` Mark Brown
2011-12-07 16:56 ` Andreas Oberritter
2011-12-07 16:58 ` Andreas Oberritter
2011-12-07 21:48 ` Patrick Dickey
2011-12-07 22:53 ` Honza Petrouš
2011-12-07 23:24 ` Peter Kolta
2011-12-07 23:55 ` Andreas Oberritter
2011-12-11 18:45 ` Peter martin [this message]
2011-12-12 10:31 ` Alan Cox
2011-12-06 17:19 ` Manu Abraham
2011-12-06 0:07 ` HoP
2011-12-06 13:22 ` Mauro Carvalho Chehab
2011-12-06 13:49 ` Andreas Oberritter
2011-12-06 14:19 ` Rémi Denis-Courmont
2011-12-06 15:05 ` Andreas Oberritter
2011-12-06 14:20 ` Mauro Carvalho Chehab
2011-12-06 15:00 ` Andreas Oberritter
2011-12-06 17:35 ` HoP
2011-12-03 16:13 ` Andreas Oberritter
2011-12-03 16:42 ` Alan Cox
2011-12-03 17:38 ` Andreas Oberritter
2011-12-03 17:21 ` VDR User
2011-12-03 17:42 ` Alan Cox
2011-12-03 17:48 ` Devin Heitmueller
2011-12-04 23:54 ` HoP
2011-12-03 18:13 ` Hans Petter Selasky
2011-12-05 0:05 ` HoP
2011-12-03 18:17 ` Andreas Oberritter
2011-12-03 23:30 ` Walter Van Eetvelt
2011-12-04 0:14 ` VDR User
2011-12-04 14:44 ` Alan Cox
2011-12-04 23:22 ` HoP
2011-12-05 1:45 ` VDR User
2011-12-05 6:20 ` HoP
2011-12-01 11:50 ` Communication misunderstanding? (was: Re: [RFC] vtunerc: virtual DVB device - is it ok to NACK driver because of worrying about possible misusage?) Patrick Boettcher
2011-12-01 12:33 ` [RFC] vtunerc: virtual DVB device Rémi Denis-Courmont
2011-12-01 14:39 ` HoP
2011-12-02 18:32 ` [RFC] vtunerc: virtual DVB device - is it ok to NACK driver because of worrying about possible misusage? VDR User
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4EE4FA4A.6030909@naiadhome.com \
--to=peter@naiadhome.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.