other: 0.209
semantic: 0.173
vnc: 0.155
graphic: 0.088
device: 0.069
permissions: 0.051
performance: 0.050
debug: 0.043
network: 0.039
socket: 0.033
PID: 0.029
files: 0.028
boot: 0.018
KVM: 0.015
debug: 0.180
other: 0.154
semantic: 0.124
PID: 0.083
network: 0.075
files: 0.072
device: 0.071
vnc: 0.052
performance: 0.046
boot: 0.045
permissions: 0.041
socket: 0.031
graphic: 0.017
KVM: 0.008

qemu doesn't sanitize command line options carrying plaintext passwords

A slight security problem exists with qemu's lack of sanitization of argv[], for cases where the user may have specified a plaintext password for spice/vnc authorization.  (Yes, it's not great to use this facility, but it's convenient and not grotesquely unsafe, were it not for this bug.)  It would be nice if those plaintext passwords were nuked from the command line, so a subsequent "ps awux" didn't show them for all to see.

See also https://bugzilla.redhat.com/show_bug.cgi?id=916279

Hi,

Thanks for submitting this report.  I've removed the security label from the bug after reading through the comments and the referenced bug.  Modifying argv is not terribly portable and I think a reasonable person would expect that a password specified on the command line would be visible through a ps.

Patches would certainly be considered but I don't consider this a security issue.  Just a request for an enhancement.

The QEMU project is currently considering to move its bug tracking to another system. For this we need to know which bugs are still valid and which could be closed already. Thus we are setting older bugs to "Incomplete" now.
If you still think this bug report here is valid, then please switch the state back to "New" within the next 60 days, otherwise this report will be marked as "Expired". Or mark it as "Fix Released" if the problem has been solved with a newer version of QEMU already. Thank you and sorry for the inconvenience.

[Expired for QEMU because there has been no activity for 60 days.]