On Fri, Sep 16, 2011 at 10:01, Sage Weil <sage@xxxxxxxxxxxx> wrote:
>> If I'm reading this right, that puts the ceph secret on the kvm
>> command line. That's not good, that makes it visible to anyone on the
>> host.
> Yeah, we definitely want something better, but I wanted to make sure the
> overall approach is fine before doing something too annoying with
> temporary unlinked files or environment variables or something.

That sounds good. Except for the environment variables part; while
some effort is put into guarding the environment, there have been
several ways of reading other processes' environment, historically. I
wouldn't rely on environment to stay secret, ever.

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
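The two options discussed in the thread, a secret on the command line versus a temporary unlinked file, shown side by side as an added example that is not part of the original message or of the libvirt/qemu code. The child program, the function names and the secret value are hypothetical stand-ins; POSIX descriptor inheritance is assumed.

```python
import json
import os
import subprocess
import sys
import tempfile

# Stand-in for the launched program (hypothetical): it reports the arguments it
# was started with, which are part of what `ps` shows, and the secret it obtained.
CHILD = """
import json, os, sys
mode, value = sys.argv[1], sys.argv[2]
secret = value if mode == "argv" else os.read(int(value), 4096).decode()
print(json.dumps({"args": sys.argv[1:], "secret": secret}))
"""

def _run(args, **kwargs):
    proc = subprocess.run([sys.executable, "-c", CHILD, *args],
                          check=True, capture_output=True, text=True, **kwargs)
    return json.loads(proc.stdout)

def launch_with_argv_secret(secret):
    """Weak form: the secret is an argument, so it sits in the process listing."""
    return _run(["argv", secret])

def launch_with_unlinked_file(secret):
    """Secret goes through a temporary file that is unlinked before it is written."""
    fd, path = tempfile.mkstemp()      # created with mode 0600
    try:
        os.unlink(path)                # no name on disk from here on
        os.write(fd, secret.encode())
        os.lseek(fd, 0, os.SEEK_SET)   # rewind so the child reads from the start
        # Only the descriptor number appears in the child's arguments.
        return _run(["fd", str(fd)], pass_fds=(fd,))
    finally:
        os.close(fd)

if __name__ == "__main__":
    demo = "constructed-demo-secret"   # constructed value, not a real key
    print(launch_with_argv_secret(demo)["args"])
    print(launch_with_unlinked_file(demo)["args"])
```

On Linux the open descriptor is still reachable through `/proc/<pid>/fd` by the same user and by root, so this narrows exposure from every account on the host to the process owner rather than removing it.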