[Xen-devel] RE: [PATCH][Take 2] VNC authentification

Hi,

Thanks all,
I will marshal code about the password from config file.
(It doesn't use base64 decode and DES decrypt to the password of config file)

And, I think that chmod 600 is necessary also for /var/log/xend.log.

Regards,
Masami Watanabe

On Mon, 2 Oct 2006 20:15:13 +0100, Ian Pratt wrote:
> > > Why even bother encrypting the password? We're using a well known DES
> > > key so there is no security here. A user must still take appropriate
> > > precautions to protect the config files. In fact, I think munging the
> > > password like this gives a false sense of security.
> >
> > Yeah, we really need to chmod 700 the /etc/xen directory to protect
> > the passwords. Once this is done, there isn't much to be gained
> > from encryption in the file itself except for obfuscating it from
> > the benign casual observer. Using plain text in the config file would
> > make life easier to tools too, because they won't have to carry about
> > this VNC-specific DES encryption routine just to create passwds in the
> > guest config
>
> Yep, let's change the permissions and use plain text passwords. No point
> giving people a false sense of security.
>
> Ian

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
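
The thread settles on file permissions rather than fixed-key DES as the real protection for the stored VNC password. The following is an added example, not part of the original messages or of Xen's code: a small audit that fails when /etc/xen is more permissive than 700 or /var/log/xend.log is more permissive than 600. The function names are hypothetical, and it assumes GNU or BSD `stat` is available.

```shell
#!/bin/sh
# Added example (not from the thread): verify that the Xen config directory
# and the xend log are no more permissive than the modes discussed above.

# Print the octal permission bits of a path (GNU stat, then BSD stat fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# check_mode PATH MAX_MODE
# Returns 0 if PATH has no permission bit outside MAX_MODE,
# 1 if it is too open, 2 if it is missing or cannot be inspected.
check_mode() {
    path=$1
    max=$2
    [ -e "$path" ] || { printf 'MISSING  %s\n' "$path"; return 2; }
    mode=$(mode_of "$path") || return 2
    # Bits set on the path that MAX_MODE does not allow (rwx bits only).
    extra=$(( 0$mode & ~0$max & 0777 ))
    if [ "$extra" -ne 0 ]; then
        printf 'TOO OPEN %s mode=%s max=%s\n' "$path" "$mode" "$max"
        return 1
    fi
    printf 'ok       %s mode=%s\n' "$path" "$mode"
    return 0
}

# audit_xen [CONF_DIR] [LOG_FILE]
# Defaults are the paths named in the thread; returns non-zero on any finding.
audit_xen() {
    rc=0
    check_mode "${1:-/etc/xen}" 700 || rc=1
    check_mode "${2:-/var/log/xend.log}" 600 || rc=1
    return $rc
}

# Typical use on a dom0, e.g. from cron or a config-management check:
#   audit_xen || echo "tighten permissions: chmod 700 /etc/xen; chmod 600 /var/log/xend.log"
```

A stricter mode than the maximum (for example 400 on the log) passes, since the check only looks for bits beyond the allowed set.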