It's insecure to log password, nomatter the password is encrypted or not. And do not log it even in debug mode, in the consideration of resilience, surposing that the log mode has been modified by the attacker. Signed-off-by: Zhang Bo <oscar.zhangbo@xxxxxxxxxx> --- src/libvirt-domain.c | 3 +-- src/qemu/qemu_monitor.c | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c index a12809c2d5..e2a57c178b 100644 --- a/src/libvirt-domain.c +++ b/src/libvirt-domain.c @@ -11340,8 +11340,7 @@ virDomainSetUserPassword(virDomainPtr dom, const char *password, unsigned int flags) { - VIR_DOMAIN_DEBUG(dom, "user=%s, password=%s, flags=0x%x", - NULLSTR(user), NULLSTR(password), flags); + VIR_DOMAIN_DEBUG(dom, "user=%s, flags=0x%x", NULLSTR(user), flags); virResetLastError(); diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index 9c853ccb93..9bfaf53b65 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -2241,8 +2241,7 @@ qemuMonitorSetPassword(qemuMonitorPtr mon, if (!protocol) return -1; - VIR_DEBUG("protocol=%s, password=%p, action_if_connected=%s", - protocol, password, action_if_connected); + VIR_DEBUG("protocol=%s, action_if_connected=%s", protocol, action_if_connected); QEMU_CHECK_MONITOR(mon); -- 2.23.0.windows.1