ui: introduce "password-secret" option for SPICE server - focaccia-qemu - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Daniel P. Berrangé <berrange@redhat.com>	2021-03-11 11:43:42 +0000
committer	Gerd Hoffmann <kraxel@redhat.com>	2021-03-15 17:36:20 +0100
commit	99522f69d62216f5d9581f66f2c0edca6bd48f78 (patch)
tree	5f0ad49410504389ac7f87f3d1f2e8019f729c94 /docs/devel/secure-coding-practices.rst
parent	6c6840e9281cf2fd3b29d77f45b18949d4a83944 (diff)
download	focaccia-qemu-99522f69d62216f5d9581f66f2c0edca6bd48f78.tar.gz focaccia-qemu-99522f69d62216f5d9581f66f2c0edca6bd48f78.zip

ui: introduce "password-secret" option for SPICE server

Currently when using SPICE the "password" option provides the password
in plain text on the command line. This is insecure as it is visible
to all processes on the host. As an alternative, the password can be
provided separately via the monitor.

This introduces a "password-secret" option which lets the password be
provided up front.

  $QEMU --object secret,id=vncsec0,file=passwd.txt \
        --spice port=5901,password-secret=vncsec0

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210311114343.439820-3-berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

Diffstat (limited to 'docs/devel/secure-coding-practices.rst')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: