FireFly Media Server › Firefly Media Server Forums › Firefly Media Server › Nightlies Feedback › Warning: Security breach in svn-1689 an possible others › Reply To: Warning: Security breach in svn-1689 an possible others
06/11/2008 at 6:48 PM
#17848
mas
Participant
Hehe guess we are the only ones alive in this forum from time to time.
Well I was not aware of this “feature” which is a security wise quite huge flaw.
I mean if the link was
/databases/item/1/RANDOMKEY.mp3
then ok. But the id is very very predictable. De facto such a DAAP server is open for anyone. Inacceptable when you use it from remote also.