Re: Monitor commands related to display server passwords
From: Markus Armbruster
Subject: Re: Monitor commands related to display server passwords
Date: Thu, 01 Dec 2022 07:48:25 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)

Daniel P. Berrangé <berrange@redhat.com> writes:
> On Wed, Nov 30, 2022 at 02:25:53PM +0100, Markus Armbruster wrote:
>> Daniel P. Berrangé <berrange@redhat.com> writes:
>
>> > In 6.0 I introduced support for 'password-secret' to SPICE and VNC
>> > command line.
>> >
>> > I don't know why, but I only deprecated 'password' in SPICE and
>> > not in VNC.
>>
>> I figure you mean
>>
>> ``-spice password=string`` (since 6.0)
>> ''''''''''''''''''''''''''''''''''''''
>>
>> This option is insecure because the SPICE password remains visible in
>> the process listing. This is replaced by the new ``password-secret``
>> option which lets the password be securely provided on the command
>> line using a ``secret`` object instance.
>>
>> and -vnc password=...
>>
>> There's also -iscsi password=..., and possibly more.
>
> Oh, iSCSI already has password-secret=, so yeah, we should
> deprecate the old way there too.

Would you like to prepare the patch?

> Basically I want nothing in QMP/CLI to accept passwords,
> everything must use the 'secret' objects.

Understood.

>> > I didn't wire up any QMP commands to do live password changes. If
>> > the display was already configured with 'password-secret', you
>> > could delete and re-create the existing named secret object
>> > using object-add/object-del, since we fetch the secret value
>> > on every auth check.
>>
>> Is this behavior documented?
>
> I don't believe so

No need if we provide a more direct solution, like the one you sketched
(extending display-update).
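
The distinction discussed in this thread, shown as an added example that is not part of the original message and is not QEMU code: a small audit that reads a QEMU command line as it appears in the process listing and flags `-spice`, `-vnc` or `-iscsi` options that use the `password` key instead of `password-secret`. The function names and the sample command lines are constructed for illustration; the `file=` property of the `secret` object is not mentioned in the thread.

```python
# Added example: audit a QEMU command line for the legacy 'password' key.
# Option and key names (-spice, -vnc, -iscsi, password, password-secret,
# secret) come from the thread; function names and samples are constructed.

LEGACY_OPTS = {"-spice", "-vnc", "-iscsi"}

def split_opts(value):
    """Split a QEMU option string on ',' where ',,' is an escaped comma."""
    parts = value.replace(",,", "\0").split(",")
    return [p.replace("\0", ",").partition("=") for p in parts]

def audit_argv(argv):
    """Return (option, issue) pairs; password values are never echoed."""
    # QEMU also accepts a double-dash spelling of its options.
    argv = ["-" + a.lstrip("-") if a.startswith("--") else a for a in argv]
    pairs = list(zip(argv, argv[1:]))
    secret_ids = set()
    for opt, val in pairs:
        if opt == "-object" and val.split(",")[0] == "secret":
            secret_ids.update(v for k, _, v in split_opts(val) if k == "id")
    findings = []
    for opt, val in pairs:
        if opt not in LEGACY_OPTS:
            continue
        for key, _, v in split_opts(val):
            if key == "password":
                findings.append((opt, "legacy password key on command line"))
            elif key == "password-secret" and v not in secret_ids:
                findings.append((opt, "password-secret id not defined: " + v))
    return findings

def argv_from_proc(raw):
    """Decode the NUL-separated bytes of /proc/<pid>/cmdline."""
    return [a.decode("utf-8", "replace") for a in raw.rstrip(b"\0").split(b"\0")]

# Constructed samples (not from the thread).
BAD = b"qemu-system-x86_64\0-spice\0port=5900,password=s3,,cret\0-vnc\0:1\0"
GOOD = (b"qemu-system-x86_64\0-object\0secret,id=spicepw,file=/etc/qemu/spice.pw\0"
        b"-spice\0port=5900,password-secret=spicepw\0")

if __name__ == "__main__":
    for raw in (BAD, GOOD):
        print(audit_argv(argv_from_proc(raw)) or "ok")
```
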