[PATCH 4/4] bhyve: add VNC password support

Daniel P. Berrangé berrange at redhat.com
Wed May 6 13:41:13 UTC 2020


On Wed, May 06, 2020 at 01:35:55PM +0000, Fabian Freyer wrote:
> Support setting a password for the VNC framebuffer using the passwd
> attribute on the <graphics/> element, if the driver has the
> BHYVE_CAP_VNC_PASSWORD capability.
> 
> Note that virsh domxml-from-native does not output the password in the
> generated XML, as VIR_DOMAIN_DEF_FORMAT_SECURE is not set when
> formatting the domain definition.
> 
> Signed-off-by: Fabian Freyer <fabian.freyer at physik.tu-berlin.de>
> ---
>  docs/news.xml                                 | 11 +++++
>  src/bhyve/bhyve_command.c                     | 33 ++++++++++-----
>  src/bhyve/bhyve_parse_command.c               |  5 +++
>  .../bhyveargv2xml-vnc-password.args           | 10 +++++
>  .../bhyveargv2xml-vnc-password.xml            | 22 ++++++++++
>  tests/bhyveargv2xmltest.c                     |  3 +-
>  .../bhyvexml2argv-vnc-password-comma.xml      | 26 ++++++++++++
>  .../bhyvexml2argv-vnc-password.args           | 12 ++++++
>  .../bhyvexml2argv-vnc-password.ldargs         |  1 +
>  .../bhyvexml2argv-vnc-password.xml            | 26 ++++++++++++
>  tests/bhyvexml2argvtest.c                     |  7 +++-
>  .../bhyvexml2xmlout-vnc-password.xml          | 41 +++++++++++++++++++
>  tests/bhyvexml2xmltest.c                      |  1 +
>  13 files changed, 185 insertions(+), 13 deletions(-)
>  create mode 100644 tests/bhyveargv2xmldata/bhyveargv2xml-vnc-password.args
>  create mode 100644 tests/bhyveargv2xmldata/bhyveargv2xml-vnc-password.xml
>  create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-vnc-password-comma.xml
>  create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-vnc-password.args
>  create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-vnc-password.ldargs
>  create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-vnc-password.xml
>  create mode 100644 tests/bhyvexml2xmloutdata/bhyvexml2xmlout-vnc-password.xml

> diff --git a/tests/bhyveargv2xmldata/bhyveargv2xml-vnc-password.args b/tests/bhyveargv2xmldata/bhyveargv2xml-vnc-password.args
> new file mode 100644
> index 0000000000..c16e970795
> --- /dev/null
> +++ b/tests/bhyveargv2xmldata/bhyveargv2xml-vnc-password.args
> @@ -0,0 +1,10 @@
> +/usr/sbin/bhyve \
> +-c 1 \
> +-m 214 \
> +-u \
> +-H \
> +-P \
> +-s 0:0,hostbridge \
> +-l bootrom,/path/to/test.fd \
> +-s 4:0,fbuf,tcp=127.0.0.1:5904,password=s3cr3t \
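
Review bot: the "password=s3cr3t" value on the "-s 4:0,fbuf,..." line sits inside a comma-separated option string, and this argv2xml fixture only exercises a password with no separator characters in it. The diffstat adds bhyvexml2argv-vnc-password-comma.xml for the XML-to-argv direction with no matching .args file, so please add the corresponding argv2xml case, or state in the commit message how a comma after "password=" is parsed, so that both directions agree. The fixture also shows the secret being delivered through the process argument vector, which the commit message should say explicitly next to its note about VIR_DOMAIN_DEF_FORMAT_SECURE.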

On Linux at least, providing passwords on the command line is considered
a security flaw, because any user can see the command line args of any
other process on the host.

If CLI args of processes are similarly visible to other users on FreeBSD,
then this VNC password would be a security flaw.


Of course the VNC password auth scheme itself is a security flaw since it is
using Single-DES :-)

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|
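
Added example (not part of the original message and not libvirt code): one way to audit for the exposure discussed in this thread, by locating and redacting a password= option in bhyve -s arguments before an argument vector is logged or reported. SAMPLE_ARGV is constructed from the fixture quoted above; the function names, SECRET_KEYS, and the choice to redact through the end of the argument are assumptions of this example.

```python
import shlex

# Constructed sample: the command line from the test fixture quoted above.
SAMPLE_ARGV = shlex.split(
    "/usr/sbin/bhyve -c 1 -m 214 -u -H -P -s 0:0,hostbridge "
    "-l bootrom,/path/to/test.fd "
    "-s 4:0,fbuf,tcp=127.0.0.1:5904,password=s3cr3t"
)
SECRET_KEYS = ("password",)  # assumption: option keys treated as secrets


def argv_from_proc(raw):
    """Split the NUL-separated bytes of a Linux /proc/<pid>/cmdline file
    (empty entries are dropped)."""
    return [a.decode("utf-8", "replace") for a in raw.split(b"\0") if a]


def redact_slot(value):
    """Return (redacted, found) for one comma-separated -s option string."""
    parts = value.split(",")
    for i, part in enumerate(parts):
        key, sep, _ = part.partition("=")
        if sep and key in SECRET_KEYS:
            # Assumption: drop everything to the end of the argument, so a
            # password that itself contains a comma cannot leak its tail.
            return ",".join(parts[:i] + [key + "=<redacted>"]), True
    return value, False


def audit_argv(argv):
    """Return (redacted_argv, indexes of arguments that carried a secret)."""
    redacted, findings = [], []
    for i, arg in enumerate(argv):
        if i > 0 and argv[i - 1] == "-s":            # "-s", "4:0,fbuf,..."
            new, found = redact_slot(arg)
        elif arg.startswith("-s") and len(arg) > 2:  # "-s4:0,fbuf,..."
            new, found = redact_slot(arg[2:])
            new = "-s" + new
        else:
            new, found = arg, False
        if found:
            findings.append(i)
        redacted.append(new)
    return redacted, findings


if __name__ == "__main__":
    safe, hits = audit_argv(SAMPLE_ARGV)
    print("arguments carrying a secret:", hits)
    print(" ".join(shlex.quote(a) for a in safe))
```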



