Daniel P. Berrangé <berra...@redhat.com> writes:

> On Wed, Nov 30, 2022 at 02:25:53PM +0100, Markus Armbruster wrote:
>> Daniel P. Berrangé <berra...@redhat.com> writes:
>
>> > In 6.0 I introduced support for 'password-secret' to SPICE and VNC
>> > command line.
>> >
>> > I don't know why, but I only deprecated 'password' in SPICE and
>> > not in VNC.
>> 
>> I figure you mean
>> 
>>     ``-spice password=string`` (since 6.0)
>>     ''''''''''''''''''''''''''''''''''''''
>> 
>>     This option is insecure because the SPICE password remains visible in
>>     the process listing. This is replaced by the new ``password-secret``
>>     option which lets the password be securely provided on the command
>>     line using a ``secret`` object instance.
>> 
>> and -vnc password=...
>> 
>> There's also -iscsi password=..., and possibly more.
>
> Oh, iSCSI already has password-secret=, so yeah, we should
> deprecate the old way there too.

Would you like to prepare the patch?

> Basically I want nothing in QMP/CLI to accept passwords,
> everything must use the 'secret' objects.

Understood.

>> > I didn't wire up any QMP commands to do live password changes. If
>> > the display was already configured with 'password-secret', you
>> > could delete and re-create the existing named secret object
>> > using object-add/object-del, since we fetch the secret value
>> > on every auth check.
>> 
>> Is this behavior documented?
>
> I don't believe so

No need if we provide a more direct solution, like the one you sketched
(extending display-update).

