[libvirt] [PATCH 13/17] qemu.conf: remove vnc_auto_unix_socket

Pavel Hrdina phrdina at redhat.com
Thu May 5 16:59:21 UTC 2016


On Thu, May 05, 2016 at 05:41:45PM +0100, Daniel P. Berrange wrote:
> On Thu, May 05, 2016 at 12:39:24PM -0400, Cole Robinson wrote:
> > On 05/05/2016 12:20 PM, Pavel Hrdina wrote:
> > > This config option is broken, it will generate unix socket even if
> > > attribute 'listen' or listen element is specified.
> > > 
> > > Also the following commit will make this option obsolete.
> > > 
> > > Signed-off-by: Pavel Hrdina <phrdina at redhat.com>
> > 
> > IMO this is not acceptable. For one, there's no precedent for removing a
> > qemu.conf option; IMO it's part of our API.
> > 
> > But the reason this option exists is so site admins can make listen
> > type=socket/socket= the graphical default, as opposed to a wide open
> > listen=127.0.0.1 that any user on the host can trivially access. VNC passwords
> > are known insecure, so locking down the listening mechanism is really the only
> > (current) way to secure VNC.
> 
> ...TLS with x509 certs and/or SASL is an alternative current secure
> VNC mechanism.
> 
> I agree though it's desirable to have a global way to make VNC listen on
> UNIX sockets instead of localhost.

I was afraid that someone would object to this patch :) but it was worth the try.
Anyway, I'll redo this so the option is still there and in that case I'll also
add similar option for Spice.

Pavel
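For readers following the thread, here is an added qemu.conf fragment (not part of the original mail or of libvirt's shipped qemu.conf) contrasting the wide-open localhost default Cole describes with the two hardened defaults named in the discussion: the host-wide UNIX-socket default provided by vnc_auto_unix_socket, and the TLS/SASL alternative Daniel mentions. The option names are libvirt's own; the certificate directory and SASL paths are placeholders.

```ini
# --- weak default (what you get without any of the options below) ---
# Every VNC server binds a TCP port on loopback; any local user can connect,
# and the VNC password mechanism is not a real access control.
#vnc_listen = "127.0.0.1"

# --- hardened default 1: UNIX socket instead of a TCP listener ---
# With this set, domains whose <graphics type='vnc'> carries no explicit
# listen address get a per-domain UNIX socket under the domain's state
# directory, so access is governed by file permissions rather than by
# who can reach 127.0.0.1. (The thread notes the option currently also
# overrides an explicit listen setting, which is the bug being discussed.)
vnc_auto_unix_socket = 1

# --- hardened default 2: keep a TCP listener but authenticate it ---
# TLS with x509 client certificate verification, optionally plus SASL.
# /etc/pki/libvirt-vnc is a placeholder path; point it at your real CA,
# server and client certificate directory.
vnc_tls = 1
vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc"
vnc_tls_x509_verify = 1
vnc_sasl = 1
```

Whichever default an admin chooses, the effective setting for a running domain is what matters: checking the `-vnc` argument on the QEMU command line (or the `<graphics>` element in `virsh dumpxml`) confirms whether the guest actually ended up on a socket, a TLS-protected port, or a plain 127.0.0.1 listener.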