|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] ioemu: empty vnc passwd
On Wed, Jan 23, 2008 at 04:50:39PM +0000, Samuel Thibault wrote: > Samuel Thibault, le Wed 23 Jan 2008 16:42:33 +0000, a écrit : > > Daniel P. Berrange, le Wed 23 Jan 2008 16:28:11 +0000, a écrit : > > > VNC password authentication is turned on / off via the ',passwd' flag on > > > the -vnc command line to QEMU. If password auth is on, and a zero length > > > string is found as a password, then all logins are completely disabled - > > > the VNC password auth code will fail all logins. If passwd auth is off on > > > the command line, then any password stored in xenstore is irrelevant, no > > > matter what length it is. > > > > Ok, so the real fix seems to be to take that flag into account (which is > > not the case currently). > > Which actually boils down to applying the two patches I have proposed: > on a xenstore read failure, an empty password is stored (which is fine > when there is no passwd in the configuration), and hence if ',passwd' > was given on the -vnc command line (i.e. some passwd was given in the > configuration but it somehow didn't make through to xenstore), all > logins will be completely disabled, so we're on the safe side. Yes, that sounds like correct behaviour - if password goes missing from xenstore then clients are rejected Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=| _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |