From: Anthony Liguori <aliguori@us.ibm.com>
To: Masami Watanabe <masami.watanabe@jp.fujitsu.com>
Cc: Ian Pratt <m+Ian.Pratt@cl.cam.ac.uk>,
xen-devel@lists.xensource.com,
"Daniel P. Berrange" <berrange@redhat.com>
Subject: Re: [PATCH][Take 2] VNC authentification
Date: Fri, 29 Sep 2006 09:01:23 -0500 [thread overview]
Message-ID: <451D2733.3000308@us.ibm.com> (raw)
In-Reply-To: <JX200609291747343.1765484@jp.fujitsu.com>
A couple comments:
Does this code actually work? You call vnc_read_when twice in the same
function. The first one should never get called (it can only be called
from the main loop and there can only ever be one outstanding read
function).
There are a couple weird bits in the code too that I cannot reply to
(your mailer is sending the attachment as a octet-stream, please inline
too next time you send the patch).
Otherwise, it looks really promising!
Regards,
Anthony Liguori
Masami Watanabe wrote:
> Hi,
>
> This is take 2 on VNC authentification.
>
> The specification is as mentioned at
> http://lists.xensource.com/archives/html/xen-devel/2006-09/msg00666.html
> The difference is follows.
> - correction that passes information through xenstore.
> - after information is read, qemu deletes information on xenstore.
>
>
> Signed-off-by: Masami Watanabe <masami.watanabe@jp.fujitsu.com>
>
> Best regards,
> Watanabe
>
>
> On Tue, 26 Sep 2006 19:23:47 +0100, Ian Pratt wrote:
>
>>
>>
>>> Thanks all point about security, I'll do as follows.
>>> I thought that the point was the following two.
>>>
>>>
>>> 1. Storage place of encrypted password
>>> Should I store it in /etc/xen/passwd ?
>>> Or, should I wait for DB of Xen that will be released in
>>> the future?
>>>
>> The xend life cycle management patches were posted by Alistair a couple
>> of months back. They'll go in early in the 3.0.4 cycle.
>>
>>
>>> In the latter case, the release time and information, I want you to
>>> teach it.
>>> Now, I think we have no choice but to use /etc/xen/passwd.
>>>
>> In the mean time, I'd just out them in the domain config file and change
>> the default permissions and ownership.
>>
>>
>>> 2. Method of Xen VNC Server receiving stored password
>>> By way of xenstore. However, it is necessary to consider
>>> xenstore-ls.
>>>
>> It can be passed transiently (i.e. it gets deleted from the store by
>> qemu-dm)
>> You need to be root to run xenstore-ls so I'm comfortable with this.
>>
>> Ian
>>
>> _______________________________________________
>> Xen-devel mailing list
>> Xen-devel@lists.xensource.com
>> http://lists.xensource.com/xen-devel
next prev parent reply other threads:[~2006-09-29 14:01 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-09-26 18:23 Individual passwords for guest VNC servers ? Ian Pratt
2006-09-28 1:01 ` Masami Watanabe
2006-09-29 8:47 ` [PATCH][Take 2] VNC authentification Masami Watanabe
2006-09-29 14:01 ` Anthony Liguori [this message]
2006-09-30 18:47 ` masami.watanabe
2006-09-29 22:11 ` Daniel P. Berrange
2006-09-30 18:53 ` Masami Watanabe
2006-10-02 16:22 ` Daniel P. Berrange
2006-10-02 17:24 ` Anthony Liguori
2006-10-02 18:12 ` Daniel P. Berrange
2006-10-02 19:15 ` Ian Pratt
2006-10-03 2:04 ` Masami Watanabe
2006-10-03 16:08 ` [PATCH][Take 3] " Masami Watanabe
2006-10-03 17:56 ` Anthony Liguori
2006-10-03 18:06 ` Daniel P. Berrange
2006-10-03 18:49 ` Anthony Liguori
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=451D2733.3000308@us.ibm.com \
--to=aliguori@us.ibm.com \
--cc=berrange@redhat.com \
--cc=m+Ian.Pratt@cl.cam.ac.uk \
--cc=masami.watanabe@jp.fujitsu.com \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.