Hacker News

Not discord, but the default player is vulnerable to many different crash shenanigans. I get them sent to me all the time to look into and it's usually just people using bogus timestamps, bogus seek times or concatenating multiple videos of different resolutions/rates that the player can't handle. If there was a way to get discord to spawn VLC for playing videos by default this would be less of a problem.



> get discord to spawn VLC

So rather than loading the bogus videos in a sandboxed Chromium instance, you want to load them in an unsandboxed VLC instance? I smell eventual RCE.


Yes.

- VLC has decades of battle hardening and entirely discards all the aforementioned nonsense. In a perfect world, both Discord and VLC would be sandboxed themselves, but I accept that this world is far from perfect. Discord could at least sanitize anything that strays from a filename when passed to VLC.

- Discord is already vulnerable to crashes from multimedia. This has been a long-running problem that has not been resolved by sandboxing in Electron. The folks at Discord will not be able to resolve this with code changes in Electron AFAIK. If you can crash it, there is potential for an RCE. What that RCE can effectively accomplish will entirely depend on sandboxing boundaries external to the application, not sandboxing within the application.

In reference to sandboxing, I could make a document that explains how to enable the OS-wide sandboxing features of Windows 10 [1] VirtualSecureMode / DeviceGuard / CredentialGuard and Linux SELinux / AppArmor. I don't have one for MacOS. I should add, don't enable the Windows 10 security features if you depend on any virtualization outside of Hyper-V. Enabling those will break all hypervisors that don't rhyme with Hyper-V.

I should add that my solution for Discord is to not preview videos or play them in the client. I click on the links and VLC plays them but that is not the default behavior of the application.

[1] - https://techcommunity.microsoft.com/t5/iis-support-blog/wind...


Aren't quite a few Android security fixes every month related to the media framework? Are those not severe in a browser context because it's sandboxed?



