[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 3/3] ui: remove deprecated 'password' option for SPICE
From: |
Markus Armbruster |
Subject: |
Re: [PATCH 3/3] ui: remove deprecated 'password' option for SPICE |
Date: |
Thu, 01 Dec 2022 13:16:40 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) |
Daniel P. Berrangé <berrange@redhat.com> writes:
> This has been replaced by the 'password-secret' option,
> which references a 'secret' object instance.
>
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> ---
> docs/about/deprecated.rst | 8 --------
> docs/about/removed-features.rst | 7 +++++++
> qemu-options.hx | 9 +--------
> ui/spice-core.c | 15 ---------------
> 4 files changed, 8 insertions(+), 31 deletions(-)
>
> diff --git a/docs/about/deprecated.rst b/docs/about/deprecated.rst
> index 2cc8924fe9..ee4301f96d 100644
> --- a/docs/about/deprecated.rst
> +++ b/docs/about/deprecated.rst
> @@ -73,14 +73,6 @@ Input parameters that take a size value should only use a
> size suffix
> the value is hexadecimal. That is, '0x20M' is deprecated, and should
> be written either as '32M' or as '0x2000000'.
>
> -``-spice password=string`` (since 6.0)
> -''''''''''''''''''''''''''''''''''''''
> -
> -This option is insecure because the SPICE password remains visible in
> -the process listing. This is replaced by the new ``password-secret``
> -option which lets the password be securely provided on the command
> -line using a ``secret`` object instance.
> -
> ``-smp`` ("parameter=0" SMP configurations) (since 6.2)
> '''''''''''''''''''''''''''''''''''''''''''''''''''''''
>
> diff --git a/docs/about/removed-features.rst b/docs/about/removed-features.rst
> index 63df9848fd..e04e095320 100644
> --- a/docs/about/removed-features.rst
> +++ b/docs/about/removed-features.rst
> @@ -408,6 +408,13 @@ pcspk-audiodev=<name>``.
>
> Use ``-device`` instead.
>
> +``-spice password=string`` (removed in 8.0)
> +'''''''''''''''''''''''''''''''''''''''''''
> +
> +This option is insecure because the SPICE password remains visible in
Nitpicking... since the option doesn't exist anymore, it can't *be*
insecure. It sure *was* insecure.
> +the process listing. This is replaced by the new ``password-secret``
> +option which lets the password be securely provided on the command
> +line using a ``secret`` object instance.
>
> QEMU Machine Protocol (QMP) commands
> ------------------------------------
[...]
Reviewed-by: Markus Armbruster <armbru@redhat.com>