On Tue, Jun 04, 2013 at 12:18:12PM -0400, Marc-André Lureau wrote: > > I disagree with this statement (even if this will not be solved by this > > series). Something that is automatically used by spice-gtk when provided, > > but which is not as insecure as putting the password in the URI would be > > nice to have in spice-gtk. > > The URI or API "password" property are not more insecure than a separate file. A separate file with 0600 permissions will be more secure than passing a password on the command line (which is then visible by other users using ps). Christophe
Attachment:
pgpx8fxX_VsRA.pgp
Description: PGP signature
_______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/spice-devel