On Fri, Sep 28, 2007 at 04:14:35PM -0400, Mark Johnson wrote: > > This adds support for handling vncpasswd.. The reason I left this out is that XML ends up in log files, which then end up in bug reports, which then end up indexed by Google ! Also the XML dump is oneof the data items available to users on read-only connections to libvirt. These users shouldn't be able to get the password. At the same time we clearly need to be able to get the passwd at times. We currently have an otherwise unused 'flags' parameter to the virDomainGetXMLDesc method. So I propose we make use of it, so if an app knows it really needs the XML with potentially sensitive data it can explicitly ask for it. It is also possible that there can be slight differences in XML for an inactive guest vs an active one. For example, the <target> element for VIFs would not be present for inactive guests, the port number would be '-1' for VNC if used auto generated ports. Having an flag to explicitly request the XML for 'inactive' state, even when a VM is running would be useful to me in virt-manager. So how about we add enum virDomainXMLFlags { VIR_DOMAIN_XML_SECURE = 1, VIR_DOMAIN_XML_INACTIVE = 1, } With the recomnmendation that if an app uses VIR_DOMAIN_XML_SECURE it should take care not to record that XML anywhere persistent. Mark's patch would basically be the same, but with a couple of lines being conditional on the VIR_DOMAIN_XML_SECURE flag. Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=| -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list