On 1/24/20 10:08 AM, Peter Krempa wrote:
Discourage passing secrets as commandline arguments. Signed-off-by: Peter Krempa <pkrempa@xxxxxxxxxx> --- docs/formatsecret.html.in | 88 +++++++++++++++++++++++++-------------- 1 file changed, 57 insertions(+), 31 deletions(-)
+ <h2><a id="settingSecrets">Setting secret values in virsh</a></h2> +
+ </pre> + + <p> + The secret can also be set via an argument, but note that other users + may see it in the process listing output. The secret must be base64 + encoded.
Is this last sentence still accurate, given that you can pass --plain to avoid base64 encoding?
Should the note use <b> or other formatting to call attention to the security risk of doing it this way?
+ </p> + <pre> # MYSECRET=`printf %s "open sesame" | base64` # virsh secret-set-value 6dd3e4a5-1d76-44ce-961f-f119f5aad935 $MYSECRET Secret value set - </pre>
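Review bot: The closing `<pre>` example still passes the value as a positional argument (`virsh secret-set-value` followed by the UUID and `$MYSECRET`), so a reader who copies the last block in this section gets exactly the form the new paragraph says other users can see in the process listing. Consider having that paragraph state explicitly that the method shown before it is the preferred one and that the argument form is documented only for completeness, so the warning and the example do not pull in opposite directions. As a smaller style point in the same block, write the expansion as `"$MYSECRET"` and use `$(...)` rather than backticks for the command substitution.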
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.org