Message-ID: <4CCFF2CE.1040902@redhat.com>
Date: Tue, 02 Nov 2010 12:15:26 +0100
From: Gerd Hoffmann
Subject: Re: [Qemu-devel] [PATCH 2/3] vnc: support password expire
References: <1286450121-17153-1-git-send-email-kraxel@redhat.com> <1286450121-17153-3-git-send-email-kraxel@redhat.com> <4CAE2521.2070500@codemonkey.ws> <20101008100841.GB9279@redhat.com>
In-Reply-To: <20101008100841.GB9279@redhat.com>
List-Id: qemu-devel.nongnu.org
To: "Daniel P. Berrange"
Cc: qemu-devel@nongnu.org

Hi,

>> How does password expiration help with security at all?
>
> VNC passwords are obviously rather weak, so if you can limit
> the time the password is valid to the window in which you
> are expecting the incoming VNC connection this limits the
> time to attack the VNC password. A mgmt tool could do
>
>  - Set a VNC password
>  - Open the VNC connection
>  - Clear the VNC password
>
> If anything goes wrong in the mgmt tool at step 2 though,
> then it may never get to step 3, leaving the VNC server accessible.
> If it had set a password expiry at step 1, it would have a
> safety net that guarantees the password will be invalid after
> 'n' seconds, even if not explicitly cleared. Given how little
> code this is in QEMU, I think it is a worthwhile feature.

Anthony? Do you agree? If so I have an updated tree to pull from for you
(rebased to latest master, added sign-offs, otherwise unmodified).

thanks,
  Gerd

The following changes since commit 7d72e76228351d18a856f1e4f5365b59d3205dc3:

  intel-hda: documentation update (2010-11-02 00:41:04 +0300)

are available in the git repository at:

  git://anongit.freedesktop.org/spice/qemu passwd.2

Gerd Hoffmann (3):
      vnc: auth reject cleanup
      vnc: support password expire
      vnc/spice: add set_passwd monitor command.

 console.h       |    2 +-
 hmp-commands.hx |   23 ++++++++++++++++++++
 monitor.c       |   61 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
 ui/qemu-spice.h |    3 ++
 ui/spice-core.c |    7 ++++++
 ui/vnc.c        |   43 +++++++++++++++++++++++---------------
 ui/vnc.h        |    1 +
 7 files changed, 120 insertions(+), 20 deletions(-)
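
The safety net described in the quoted reply, modelled as an added example that is not part of the original message and is not QEMU's code. The names `vnc_auth`, `auth_set`, `auth_clear` and `auth_check` are hypothetical, and the model compares the password directly instead of running VNC's challenge-response exchange.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>
#include <time.h>

#define PW_MAX 8  /* VNC authentication uses at most 8 password bytes */

/* Hypothetical model of the server's password state (not QEMU's struct). */
struct vnc_auth {
    char   password[PW_MAX + 1];
    bool   has_password;
    time_t expires;              /* 0 = no expiry configured */
};

/* Step 1 of the management tool: set a password valid for ttl seconds.
 * ttl == 0 models a server without the expiry feature. */
void auth_set(struct vnc_auth *a, const char *pw, time_t now, time_t ttl)
{
    memset(a, 0, sizeof(*a));
    strncpy(a->password, pw, PW_MAX);
    a->has_password = true;
    a->expires = ttl ? now + ttl : 0;
}

/* Step 3: explicit clear. Never reached if the tool fails at step 2. */
void auth_clear(struct vnc_auth *a)
{
    memset(a, 0, sizeof(*a));
}

/* Server-side check. Expiry is tested before the comparison, so a stale
 * password is rejected whatever the client sends. */
bool auth_check(const struct vnc_auth *a, const char *attempt, time_t now)
{
    char buf[PW_MAX + 1] = {0};
    unsigned char diff = 0;

    if (!a->has_password)
        return false;
    if (a->expires != 0 && now >= a->expires)
        return false;
    strncpy(buf, attempt, PW_MAX);
    /* Compare every byte; no early exit on the first mismatch. */
    for (size_t i = 0; i < sizeof(buf); i++)
        diff |= (unsigned char)(buf[i] ^ a->password[i]);
    return diff == 0;
}
```

With a 30-second expiry set at step 1, the password stops working at the deadline even though `auth_clear` was never called; with no expiry it stays valid until something clears it.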