WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/

Home

xen-devel

[Top] [All Lists]

[Xen-devel] RE: [PATCH][Take 2] VNC authentification

from [Ian Pratt]

[Permanent Link][Original]

To:	"Daniel P. Berrange" <berrange@xxxxxxxxxx>, "Anthony Liguori" <aliguori@xxxxxxxxxx>
Subject:	[Xen-devel] RE: [PATCH][Take 2] VNC authentification
From:	"Ian Pratt" <m+Ian.Pratt@xxxxxxxxxxxx>
Date:	Mon, 2 Oct 2006 20:15:13 +0100
Cc:	xen-devel@xxxxxxxxxxxxxxxxxxx, Masami Watanabe <masami.watanabe@xxxxxxxxxxxxxx>
Delivery-date:	Mon, 02 Oct 2006 12:16:44 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxx
List-help:	<mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id:	Xen developer discussion <xen-devel.lists.xensource.com>
List-post:	<mailto:xen-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References:	<3AAA99889D105740BE010EB6D5A5A3B202A3D2@xxxxxxxxxxxxxxxxxxxxxxxxxx> <JX200609291747343.1765484@xxxxxxxxxxxxxx> <20060929221145.GE8564@xxxxxxxxxx> <JH200610010353334.2150046@xxxxxxxxxxxxxx> <20061002162232.GB1730@xxxxxxxxxx> <45214B54.8060805@xxxxxxxxxx> <20061002181231.GC1730@xxxxxxxxxx>
Sender:	xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index:	AcbmTlxXs7+amxFQRBWCGtnwXGooowACISig
Thread-topic:	[PATCH][Take 2] VNC authentification

> > Why even bother encrypting the password?  We're using a well known
DES
> > key so there is no security here.  A user must still take
appropriate
> > precautions to protect the config files.  In fact, I think munging
the
> > password like this gives a false sense of security.
> 
> Yeah, we really need to chmod 700 the /etc/xen directory to protect
> the passwords.  Once this is done, there isn't much to be gained
> from encryption in the file itself except for obfuscating it from
> the benign casual observer. Using plain text in the config file would
> make life easier to tools too, because they won't have to carry about
> this VNC-specific DES encryption routine just to create passwds in the
> guest config

Yep, let's change the permissions and use plain text passwords. No point
giving people a false sense of security.

Ian

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-devel] Re: [PATCH][Take 2] VNC authentification, Daniel P. Berrange [Xen-devel] Re: [PATCH][Take 2] VNC authentification, Anthony Liguori [Xen-devel] Re: [PATCH][Take 2] VNC authentification, Daniel P. Berrange [Xen-devel] RE: [PATCH][Take 2] VNC authentification, Ian Pratt <= [Xen-devel] RE: [PATCH][Take 2] VNC authentification, Masami Watanabe [Xen-devel] [PATCH][Take 3] VNC authentification, Masami Watanabe Re: [Xen-devel] [PATCH][Take 3] VNC authentification, Anthony Liguori Re: [Xen-devel] [PATCH][Take 3] VNC authentification, Daniel P. Berrange Re: [Xen-devel] [PATCH][Take 3] VNC authentification, Anthony Liguori

Previous by Date:	[Xen-devel] Xen Summit presentations available, Simon Crosby
Next by Date:	[Xen-devel] Re: [PATCH] add timeouts to mini-os, Grzegorz Milos
Previous by Thread:	[Xen-devel] Re: [PATCH][Take 2] VNC authentification, Daniel P. Berrange
Next by Thread:	[Xen-devel] RE: [PATCH][Take 2] VNC authentification, Masami Watanabe
Indexes:	[Date] [Thread] [Top] [All Lists]

This site is hosted by Citrix