Mercurial > hg > xmms-sid
changeset 326:05db7469aeb4
More ideas
| author | Matti Hamalainen <ccr@tnsp.org> |
|---|---|
| date | Wed, 12 Jan 2005 02:29:04 +0000 |
| parents | 2e82a1742254 |
| children | e33c23075473 |
| files | TODO |
| diffstat | 1 files changed, 28 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/TODO Wed Jan 12 02:29:02 2005 +0000 +++ b/TODO Wed Jan 12 02:29:04 2005 +0000 @@ -34,10 +34,35 @@ XSIDB if something is found. - Convenience functionality? - * retrieve latest HVSC and song-length databases automatically? - * use 'curl' or 'wget' binary or use libcurl and implement - getting of those in plugin itself? + retrieve latest HVSC and song-length databases automatically? + use 'curl' or 'wget' binary or use libcurl and implement + getting of those in plugin itself. example: + + 0) if enabled: + + 1) get "http://www.tnsp.org/xs-files/LATEST", contents might + something similar to: + +HVSC 5.8 http://... +sldb 5.8 http://... +stable 0.8.0 http://www.tnsp.org/xs-files/xmms-sid-0.8.0.tar.gz +devel 0.9.0alpha0 http://www.tnsp.org/xs-files/xmms-sid-0.9.0alpha0.tar.gz + 2) verify signature. tell user about xmms-sid updates and + ask user if he wants the HVSC/sldb updates + + 3) if yes, download updates and verify + + 4) unzip, install, etc. + + security issues: + - how to prevent dns-spoofing or other attempts + to distribute invalid data? + - if forged data is got: exploitation of further vulnerabilities + in xmms-sid or unzip/tar may be possible + - only good way would be PGP/GnuPG signing of packages, but + that might be quite hard to implement... + Crazy ideas: - Song "pre-rendering" support+position selector