Google Git
Sign in
qemu / qemu / 99522f69d62216f5d9581f66f2c0edca6bd48f78
commit99522f69d62216f5d9581f66f2c0edca6bd48f78[log] [tgz]
authorDaniel P. Berrangé <berrange@redhat.com>Thu Mar 11 11:43:42 2021 +0000
committerGerd Hoffmann <kraxel@redhat.com>Mon Mar 15 17:36:20 2021 +0100
tree5f0ad49410504389ac7f87f3d1f2e8019f729c94
parent6c6840e9281cf2fd3b29d77f45b18949d4a83944 [diff]
ui: introduce "password-secret" option for SPICE server

Currently when using SPICE the "password" option provides the password
in plain text on the command line. This is insecure as it is visible
to all processes on the host. As an alternative, the password can be
provided separately via the monitor.

This introduces a "password-secret" option which lets the password be
provided up front.

  $QEMU --object secret,id=vncsec0,file=passwd.txt \
        --spice port=5901,password-secret=vncsec0

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20210311114343.439820-3-berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2 files changed
tree: 5f0ad49410504389ac7f87f3d1f2e8019f729c94
  1. .github/
  2. .gitlab-ci.d/
  3. accel/
  4. audio/
  5. authz/
  6. backends/
  7. block/
  8. bsd-user/
  9. chardev/
  10. contrib/
  11. crypto/
  12. default-configs/
  13. disas/
  14. docs/
  15. dump/
  16. fpu/
  17. fsdev/
  18. gdb-xml/
  19. hw/
  20. include/
  21. io/
  22. libdecnumber/
  23. linux-headers/
  24. linux-user/
  25. migration/
  26. monitor/
  27. nbd/
  28. net/
  29. pc-bios/
  30. plugins/
  31. po/
  32. python/
  33. qapi/
  34. qga/
  35. qobject/
  36. qom/
  37. replay/
  38. roms/
  39. scripts/
  40. scsi/
  41. semihosting/
  42. softmmu/
  43. storage-daemon/
  44. stubs/
  45. subprojects/
  46. target/
  47. tcg/
  48. tests/
  49. tools/
  50. trace/
  51. ui/
  52. util/
  53. capstone
  54. dtc
  55. meson
  56. slirp
  57. .cirrus.yml
  58. .dir-locals.el
  59. .editorconfig
  60. .exrc
  61. .gdbinit
  62. .gitattributes
  63. .gitignore
  64. .gitlab-ci.yml
  65. .gitmodules
  66. .gitpublish
  67. .mailmap
  68. .patchew.yml
  69. .readthedocs.yml
  70. .travis.yml
  71. block.c
  72. blockdev-nbd.c
  73. blockdev.c
  74. blockjob.c
  75. configure
  76. COPYING
  77. COPYING.LIB
  78. cpu.c
  79. cpus-common.c
  80. disas.c
  81. exec-vary.c
  82. gdbstub.c
  83. gitdm.config
  84. hmp-commands-info.hx
  85. hmp-commands.hx
  86. iothread.c
  87. job-qmp.c
  88. job.c
  89. Kconfig
  90. Kconfig.host
  91. LICENSE
  92. MAINTAINERS
  93. Makefile
  94. memory_ldst.c.inc
  95. meson.build
  96. meson_options.txt
  97. module-common.c
  98. os-posix.c
  99. os-win32.c
  100. qemu-bridge-helper.c
  101. qemu-edid.c
  102. qemu-img-cmds.hx
  103. qemu-img.c
  104. qemu-io-cmds.c
  105. qemu-io.c
  106. qemu-keymap.c
  107. qemu-nbd.c
  108. qemu-options-wrapper.h
  109. qemu-options.h
  110. qemu-options.hx
  111. qemu.nsi
  112. qemu.sasl
  113. README.rst
  114. replication.c
  115. replication.h
  116. thunk.c
  117. trace-events
  118. VERSION
  119. version.rc