From: Anthony Liguori <aliguori@linux.vnet.ibm.com>
To: "Daniel P. Berrange" <berrange@redhat.com>
Cc: Neil Wilson <neil@aldur.co.uk>, Gerd Hoffmann <kraxel@redhat.com>,
qemu-devel@nongnu.org
Subject: [Qemu-devel] Re: [PATCH] vnc: Fix password expiration through 'change vnc ""'
Date: Mon, 14 Feb 2011 08:14:07 -0600 [thread overview]
Message-ID: <4D5938AF.904@linux.vnet.ibm.com> (raw)
In-Reply-To: <20110214122410.GG2729@redhat.com>
On 02/14/2011 06:24 AM, Daniel P. Berrange wrote:
> On Mon, Feb 14, 2011 at 06:10:04AM -0600, Anthony Liguori wrote:
>
>> On 02/14/2011 04:57 AM, Gerd Hoffmann wrote:
>>
>>> On 01/31/11 21:43, Anthony Liguori wrote:
>>>
>>>> commit 52c18be9e99dabe295321153fda7fce9f76647ac introduced a
>>>> regression in the
>>>> change vnc password command that changed the behavior of setting the VNC
>>>> password to an empty string from disabling login to disabling
>>>> authentication.
>>>>
>>>> This commit refactors the code to eliminate this overloaded semantics in
>>>> vnc_display_password and instead introduces the
>>>> vnc_display_disable_login. The
>>>> monitor implementation then determines the behavior of an empty
>>>> or missing
>>>> string.
>>>>
>>> Hmm, now about simply never ever changing vs->auth?
>>>
>> If auth is none and you do a vnc change password "" then if we don't
>> set vs->auth to vnc, it won't have the desired effect. I really
>> dislike the semantics of this command but that was a past mistake.
>>
> Actually blindly setting 'vs->auth' to 'vnc' is also a security flaw.
>
But this is the semantics of the command. I agree it's stupid but a
security flaw is a regression and this is not a regression.
This is why the set-password command no longer does any of this nonsense.
> If using the VeNCrypt security method, then 'vs->auth' will be VENCRYPT
> and the 'vs->subauth' will possibly indicate the 'VNC' sub-auth scheme.
> So we really do want the change password command to leave 'vs->auth'
> alone completely - just change the password string, with no side effects
> on auth methods. If an app intends to use the change password command
> it will have already launched QEMU with neccessary -vnc flags to set the
> desired vs->auth and vs->subauth methods.
>
I think I see how this could work but I'm not sure it's worth doing.
I'd rather just leave the (bad) semantics of this command alone and
deprecate the interface.
Regards,
Anthony Liguori
> Regards,
> Daniel
>
next prev parent reply other threads:[~2011-02-14 14:14 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-31 20:43 [Qemu-devel] [PATCH] vnc: Fix password expiration through 'change vnc ""' Anthony Liguori
2011-01-31 21:32 ` Anthony Liguori
2011-02-03 16:29 ` [Qemu-devel] " Daniel P. Berrange
2011-02-03 16:35 ` Anthony Liguori
2011-02-03 17:02 ` Daniel P. Berrange
2011-02-03 17:16 ` Anthony Liguori
2011-02-04 8:56 ` Markus Armbruster
2011-02-14 10:57 ` Gerd Hoffmann
2011-02-14 12:10 ` Anthony Liguori
2011-02-14 12:24 ` Daniel P. Berrange
2011-02-14 14:14 ` Anthony Liguori [this message]
2011-02-14 14:47 ` Daniel P. Berrange
2011-02-14 13:56 ` Gerd Hoffmann
2011-02-14 14:16 ` Anthony Liguori
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D5938AF.904@linux.vnet.ibm.com \
--to=aliguori@linux.vnet.ibm.com \
--cc=berrange@redhat.com \
--cc=kraxel@redhat.com \
--cc=neil@aldur.co.uk \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).