Re: [Xen-devel] [PATCH] Scrub VNC passwords from XenD log files

[Ewan Mellor <ewan@xxxxxxxxxxxxx>]

On Wed, Dec 06, 2006 at 07:43:09PM +0000, Daniel P. Berrange wrote:

> On Wed, Dec 06, 2006 at 05:24:36PM +0000, Ewan Mellor wrote:
> > On Wed, Dec 06, 2006 at 05:16:03PM +0000, Daniel P. Berrange wrote:
> > 
> > > I didn't add the signed-off-by because the patch isn't finished - I 
> > > really 
> > > just wanted to see if people were amenable to this kind of approach before
> > > doing more work on it. Since you like it, I'll finish it off shortly - 
> > > there
> > > just a couple more test cases I need to go through - suspend/restore & 
> > > inactive
> > > domains - to verify passwords are always scrubbed correctly. I'll post a 
> > > final
> > > version of the patch by the end of today if all goes to plan.
> > 
> > Great, thanks.  I think you're right that this is the best of all the
> > available options, fiddly though it is.  Perhaps we could write a final 
> > check
> > at the end of xm-test, to make sure that "vncpasswd" doesn't appear in the
> > logs anywhere -- that would make sure that this never regresses.
> 
> Attached is a final version of the patch to scrub passwords. I have tested
> it with HVM guests, and parvirt guests, using 'start', 'new', 'create',
> 'suspend', 'resume' commands to XM. In all cases, no password was present
> to the XenD log files created.
> 
>   Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>

Applied, thanks.

Ewan.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel