|
From: | Gerd Hoffmann |
Subject: | Re: [Qemu-devel] [PATCH STABLE-0.14/0.15/master] CVE-2011-0011: fix VNC password change to not touch authentication settings |
Date: | Wed, 24 Aug 2011 16:52:12 +0200 |
User-agent: | Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.20) Gecko/20110805 Red Hat/3.1.12-1.el6_1 Thunderbird/3.1.12 |
Hi,
I'll buy an argument about usability but not about security. We need a higher level command to disable login
expire_password vnc now
and a higher level command to set the vnc password. This interface should be considered deprecated.
set_password vnc secret HTH, Gerd
[Prev in Thread] | Current Thread | [Next in Thread] |