From 3c5c90ca1973f0a68bdcd0950375abba10770d7a Mon Sep 17 00:00:00 2001 From: Peter Krempa Date: Fri, 24 Jan 2020 16:16:27 +0100 Subject: [PATCH] virsh: secret: Print warning that passing secret on command-line is insecure MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Print a warning if users pass in secrets as command line arguments and mention it in the man page. Signed-off-by: Peter Krempa Reviewed-by: Daniel P. Berrangé --- docs/manpages/virsh.rst | 3 +++ tools/virsh-secret.c | 4 ++++ 2 files changed, 7 insertions(+) diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst index a7551b9709..823f130f1c 100644 --- a/docs/manpages/virsh.rst +++ b/docs/manpages/virsh.rst @@ -6571,6 +6571,9 @@ Base64-encoded value *base64* or Base-64-encoded contents of file named Note that *--file* and *base64* options are mutually exclusive. +Passing secrets via the *base64* option on command line is INSECURE and +deprecated. Use the *--file* option instead. + secret-get-value ---------------- diff --git a/tools/virsh-secret.c b/tools/virsh-secret.c index 66852173b5..0ca08bc133 100644 --- a/tools/virsh-secret.c +++ b/tools/virsh-secret.c @@ -217,6 +217,10 @@ cmdSecretSetValue(vshControl *ctl, const vshCmd *cmd) return false; } + /* warn users that the --base64 option passed from command line is wrong */ + if (base64) + vshError(ctl, _("Passing secret value as command-line argument is insecure!")); + if (filename) { ssize_t read_ret; if ((read_ret = virFileReadAll(filename, 1024, &file_buf)) < 0) {
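Review bot: The message added under `if (base64)` in tools/virsh-secret.c says the argument is insecure but not what to use instead, although the man page hunk of this same patch points users to *--file*; the string could say so as well, e.g. `_("Passing secret value as command-line argument is insecure! Use --file instead.")`. The comment above the check says only that the option "is wrong", which does not record the reason; something like `/* command-line arguments are typically readable by other local users through process listings and may be kept in shell history */` would tell a maintainer why the check exists. The warning goes through vshError and execution then falls through to the `if (filename)` handling, so the command still proceeds and the secret has already been exposed by the time the message appears; that looks intentional for a deprecation period, but the comment should state that this is a warning and not a rejection. cmdSecretSetValue starts and ends outside this hunk, so how `base64` is used or cleared afterwards cannot be judged from here.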