On Thu, Apr 27, 2017 at 17:46:16 +0200, Peter Krempa wrote:
On Thu, Apr 27, 2017 at 16:30:44 +0100, Daniel Berrange wrote:
On Wed, Apr 26, 2017 at 07:52:44PM +0200, Peter Krempa wrote:
Format the string into the "curl" format so that it's accepted by qemu.
Partially resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1140164
[snip]
Your example cookie is rather tame, but I wonder if we should consider cookie values to be security sensitive data, and thus use the secrets mechanism. If we did this would also entail fixes to QEMU to let use its secrets mechanism too.
I thought briefly about the same before posting this, but I went through anyways ...
I'm just wary of re-introducing a bug like CVE-2015-5160 (rbd password information leak), via sensitive cookie values.
We could allow generic cookies passed on the command line and then perhaps add a <cookie name="ble" secure='yes'>value</cookie> which will be passed via the secrets infrastructure.
Or better, treat them as secure by default and make users add secure='no' explicitly so that they are aware of the way we pass it.