From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 4F03345008 for ; Mon, 19 Dec 2022 13:41:05 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 5D1C268B50A; Mon, 19 Dec 2022 15:41:03 +0200 (EET) Received: from mail-ed1-f45.google.com (mail-ed1-f45.google.com [209.85.208.45]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 31FF9680298 for ; Mon, 19 Dec 2022 15:40:57 +0200 (EET) Received: by mail-ed1-f45.google.com with SMTP id a16so12868620edb.9 for ; Mon, 19 Dec 2022 05:40:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:message-id:date:subject:to:from :from:to:cc:subject:date:message-id:reply-to; bh=ajpmaVFrMgp/TYjOINBSdiMjPKS9uQVeTO8cfmI5gw8=; b=I3t1h3HE87F+4XTItoJvKrkzFKqI8q98+p6shFfAXjJfGtlmcbZPkfzk18wuOh7u7a YTMxCRu2UBGzt9Ruw50pfxYPi7MEEiU/gIsMME0NnmwxT3npmXlShxmQnWU34mVTfw9U HW9cWCwxwu3947TD8D5DIaqvXIqgLkUBphq590PsHoURcVs6bELpaY2sulR+xlCW4NYM 3owpIpeNzWpfetQSLPBT+geRocKDyHGEZ3lzD6CVaACDrgWPzrdThwphhmiLUafFRkR4 2wU6P91DbKeSpxopcV/ZqvkvbZIqZrZyspatQ3m9JlaVpKZt7B6q+Vi1UWMsEJO2TMhv hyVg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=mime-version:references:in-reply-to:message-id:date:subject:to:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=ajpmaVFrMgp/TYjOINBSdiMjPKS9uQVeTO8cfmI5gw8=; b=H++7x9UcqTv50d/z8/ixsv9q+h62gTedpnnDbSQQHXXPNYHr7EOTu6MEXKw3E8CT0C VljBCoksNQ7lArerfFE/ckpKwt21C7iEr3FDf2aJky1b/MMmliMxFWiGrJQ76MS+Pi+l oITb8v23LoMXoC+dOtnBXJF9qWRnEjOG7M/4Cq7zQaLJjl+KzT6Z/3n4/NftAEbIKWOU D1BMnaTEifbTmOGgiDbMcEkRCIq/vkOAOrtWg5LGCUwxERUHfNk6xJaVXaoytTDkISdO r9Fg833kR/P3b4tZogcarNoIBSIu8/0w5Fz7ZsGNiDCGmQxkTEMXWboKI9Er815KCt2N mSvg== X-Gm-Message-State: AFqh2krok5nKi9HhONe5MVo0Sta/Vnv5vVF1Dg3XAmRxkWd6xjNjt8PZ 03prxrGFsIKC/8VjGNmUd2wsCqatWr2rHw== X-Google-Smtp-Source: AMrXdXuYJUNDSm0YSSiuVZBtJK3l6kNRUy6rHjgwQTwwlXY9DqKDAHwLRu+/LP7RK8A0YvF/fd76fA== X-Received: by 2002:aa7:db93:0:b0:478:5688:7c9f with SMTP id u19-20020aa7db93000000b0047856887c9fmr5827986edt.29.1671457256132; Mon, 19 Dec 2022 05:40:56 -0800 (PST) Received: from [192.168.178.30] (dynamic-2a01-0c22-3482-a300-c5ce-abfc-55b6-93b5.c22.pool.telefonica.de. [2a01:c22:3482:a300:c5ce:abfc:55b6:93b5]) by smtp.gmail.com with ESMTPSA id n19-20020aa7c793000000b0045cf4f72b04sm4359506eds.94.2022.12.19.05.40.55 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 Dec 2022 05:40:55 -0800 (PST) From: Marvin Scholz To: FFmpeg development discussions and patches Date: Mon, 19 Dec 2022 14:40:54 +0100 X-Mailer: MailMate (1.14r5898) Message-ID: <8112CCA9-23E1-4008-A8DC-85F9534FC45B@gmail.com> In-Reply-To: References: <7407e74b181e4e00a7b7104fb63cf56a@huawei.com> MIME-Version: 1.0 Subject: Re: [FFmpeg-devel] [PATCH] fftools/ffmpeg_ffplay_ffprobe_cmdutils: add -mask_url to replace the protocol address in the command with the asterisk (*) X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: On 19 Dec 2022, at 14:37, Nicolas George wrote: > Marvin Scholz (12022-12-19): >> IIUC this means the `-mask_url` option has to be the first option passed, >> which seems a bit of an unfortunate requirement and is not documented at >> all, as far as I can see. So at least this should be clearly documented >> to prevent users being confused why the get an unrecognised option error >> when they do not pass it as the first option. > > Indeed. And I see no reason to have this option processed specially like > that; it requires at least an explanation. > >> I am a bit confused how this helps for the issue it tries to solve, as >> for some amount of time, until this is done, it would expose the full >> plaintext URL still, no? > > This is unavoidable. Still, having sensitive information visible for a > fraction of a second is better than having sensitive information visible > for the length of a playback or transcoding process. I agree, but then the docs should probably mention that to not give a false sense of absolute security here. And maybe note that it might be a better option to pass the password via stdin or hide the process from other users to completely avoid leaking the password. > > Regards, > > -- > Nicolas George > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".