network transparent audio with sndiod and vmd
Another way to isolate untrusted media players is to run them in a virtual machine. I was joking with mlarkin that if he’s run out of things to work on, he can add audio emulation to vmd. But of course, this is actually pretty easy to do (playing sounds, not emulating audio), thanks to network support in sndiod.
The setup is fairly easy. To export the audio device on the host side, run sndiod. Or kill and restart, or whatever.
sndiod -L 10.1.0.19
On the guest side, specifying the audio device can vary by program, but the default can be set via environment variable.
env AUDIODEVICEemail@example.com/0 mpg123 song31.mp3
And with that...
BSD fight buffer reign
Flowing blood in circuit vein
Quagmire, Hellfire, RAMhead Count
Puffy rip attacker out.