[Spice-devel] [spice-gtk 0/5] Add support for looking up connection credentials in a file
Marc-André Lureau
mlureau at redhat.com
Tue Jun 4 09:33:08 PDT 2013
----- Mensaje original -----
> On Tue, Jun 04, 2013 at 12:18:12PM -0400, Marc-André Lureau wrote:
> > > I disagree with this statement (even if this will not be solved by this
> > > series). Something that is automatically used by spice-gtk when provided,
> > > but which is not as insecure as putting the password in the URI would be
> > > nice to have in spice-gtk.
> >
> > The URI or API "password" property are not more insecure than a separate
> > file.
>
> A separate file with 0600 permissions will be more secure than passing a
> password on the command line (which is then visible by other users using
> ps).
It's not spice-gtk fault if people use password in command line, if the client they use doesn't provide other suitable way.
Spice-gtk just provide provides session properties which have nothing to do with command line.
More information about the Spice-devel
mailing list