From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([208.118.235.92]:44026) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1THELB-0007et-Oa for qemu-devel@nongnu.org; Thu, 27 Sep 2012 09:41:29 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1THEL0-0000n1-1t for qemu-devel@nongnu.org; Thu, 27 Sep 2012 09:41:21 -0400 Received: from indium.canonical.com ([91.189.90.7]:58120) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1THEKz-0000mm-SF for qemu-devel@nongnu.org; Thu, 27 Sep 2012 09:41:09 -0400 Received: from loganberry.canonical.com ([91.189.90.37]) by indium.canonical.com with esmtp (Exim 4.71 #1 (Debian)) id 1THEKy-0003s5-Go for ; Thu, 27 Sep 2012 13:41:08 +0000 Received: from loganberry.canonical.com (localhost [127.0.0.1]) by loganberry.canonical.com (Postfix) with ESMTP id 64FC32E8084 for ; Thu, 27 Sep 2012 13:41:08 +0000 (UTC) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Date: Thu, 27 Sep 2012 13:32:54 -0000 From: "Stephan S." <697197@bugs.launchpad.net> Sender: bounces@canonical.com References: <20110104122142.23014.63077.malonedeb@gandwana.canonical.com> Message-Id: <20120927133254.22882.90687.launchpad@soybean.canonical.com> Errors-To: bounces@canonical.com Subject: [Qemu-devel] [Bug 697197] Re: Empty password allows access to VNC in libvirt Reply-To: Bug 697197 <697197@bugs.launchpad.net> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org ** Branch linked: lp:ubuntu/precise/qemu-kvm -- = You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/697197 Title: Empty password allows access to VNC in libvirt Status in libvirt virtualization API: Unknown Status in QEMU: Confirmed Status in qemu-kvm: Unknown Status in =E2=80=9Clibvirt=E2=80=9D package in Ubuntu: Invalid Status in =E2=80=9Cqemu-kvm=E2=80=9D package in Ubuntu: Fix Released Status in =E2=80=9Clibvirt=E2=80=9D source package in Lucid: Invalid Status in =E2=80=9Cqemu-kvm=E2=80=9D source package in Lucid: Fix Released Status in =E2=80=9Clibvirt=E2=80=9D source package in Maverick: Invalid Status in =E2=80=9Cqemu-kvm=E2=80=9D source package in Maverick: Fix Released Status in =E2=80=9Clibvirt=E2=80=9D source package in Natty: Invalid Status in =E2=80=9Cqemu-kvm=E2=80=9D source package in Natty: Fix Released Status in =E2=80=9Clibvirt=E2=80=9D source package in Karmic: Invalid Status in =E2=80=9Cqemu-kvm=E2=80=9D source package in Karmic: Fix Released Status in =E2=80=9Cqemu-kvm=E2=80=9D package in Debian: Fix Released Bug description: The help in the /etc/libvirt/qemu.conf states "To allow access without passwords, leave this commented out. An empty string will still enable passwords, but be rejected by QEMU effectively preventing any use of VNC." yet setting: vnc_password=3D"" allows access to the vnc console without any password prompt just as if it is hashed out completely. ProblemType: Bug DistroRelease: Ubuntu 10.10 Package: libvirt-bin 0.8.3-1ubuntu14 ProcVersionSignature: Ubuntu 2.6.35-24.42-server 2.6.35.8 Uname: Linux 2.6.35-24-server x86_64 Architecture: amd64 Date: Tue Jan 4 12:18:35 2011 InstallationMedia: Ubuntu-Server 10.04.1 LTS "Lucid Lynx" - Release amd64= (20100816.2) ProcEnviron: LANG=3Den_GB.UTF-8 SHELL=3D/bin/bash SourcePackage: libvirt To manage notifications about this bug go to: https://bugs.launchpad.net/libvirt/+bug/697197/+subscriptions