Eduardo Habkost wrote:
> Hi,
> 
> This patch series for qemu contain multiple changes on the way encryption
> and authentication code is handled.
> 
> The first patch is a behaviour change to avoid silent security holes on
> the VNC server caused by user configuration errors.
> 
> Patches 2 and 3 are bugfixes to some of the multiple problems
> I had with monitor_readline(), when testing the qcow encryption
> support. monitor_readline() is still not completely functional, but
> at least it allows the qcow password to be read when an qcow encrypted
> image is specified on the command-line, now.

Don't worry about monitor and readline, I'm reworking it ATM, hope being
able to post the result by the end of this WE.

It's true there are more fundamental things broken (VM is blocked while
reading passwords, console mux'ing is clumsy), and some things are still
broken even with your patches (mounting encrypted USB disks on startup,
reading passwords from virtual consoles). Sigh, this all looked trivial
to get right on first sight but turned out to be _much_ more freaky...

Jan