[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v3] spice: Allow to set password even if disable
|
From: |
Gerd Hoffmann |
|
Subject: |
Re: [Qemu-devel] [PATCH v3] spice: Allow to set password even if disable-ticketing was used |
|
Date: |
Mon, 12 Oct 2015 15:43:51 +0200 |
On Mo, 2015-10-12 at 13:25 +0200, Christophe Fergeau wrote:
> Before commit b1ea7b79e1, it was possible to start with -spice
> disable-ticketing, and then use the "set_password spice" command to
> enable ticketing with SPICE. Since commit b1ea7b79e1 this is no longer
> possible as qemu_spice_set_ticket() will return an error unless the
> 'auth' type is "spice". When ticketing is disabled, 'auth' is "none" so
> the attempt to set password fails.
Huh? And this actually worked? i.e. spice_server_set_ticket() has an
effect after spice_server_set_noauth() was called?
> This change of behaviour caused a bug in oVirt
> https://gerrit.ovirt.org/#/c/44842/
Hmm, I'd say fix this in ovirt then [1].
If you want run with spice authentication, then say so when starting
qemu. Switching authentication methods as side-effect of setting the
password is asking for trouble. We had that with vnc. We finally got
rid of it a while ago. I don't feel like opening that can of worms
again.
Also it encourages bad security practice. If you turn on password auth
as side effect of setting the password there is a window where one can
access the virtual machine without a password, which probably is not
what you want.
If there is an actual use case where switching authentication methods at
runtime is needed we can discuss that. But we'll be doing that as
explicit monitor command, not as side-effect of something else.
cheers,
Gerd
[1] You have to do that anyway. We had three qemu releases (2.1 to
2.3) with that behavior ...