On Thu, Apr 27, 2017 at 16:30:44 +0100, Daniel Berrange wrote:
On Wed, Apr 26, 2017 at 07:52:44PM +0200, Peter Krempa wrote:
Format the string into the "curl" format so that it's accepted by qemu.
Partially resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1140164
[snip]
Your example cookie is rather tame, but I wonder if we should consider cookie values to be security sensitive data, and thus use the secrets mechanism. If we did this would also entail fixes to QEMU to let use its secrets mechanism too.
I thought briefly about the same before posting this, but I went through anyways ...
I'm just wary of re-introducing a bug like CVE-2015-5160 (rbd password information leak), via sensitive cookie values.
We could allow generic cookies passed on the command line and then perhaps add a <cookie name="ble" secure='yes'>value</cookie> which will be passed via the secrets infrastructure. In that case I should probably add a statement saying that the cookies are passed in a insecure way., This way generic cookies can be passed even now and the provision for secure cookies can be added once qemu adds that feature. Peter