On Tue, May 12, 2020 at 21:06:14 +0800, Zhang Bo wrote:
> It's insecure to log password, nomatter the password is encrypted or
> not. And do not log it even in debug mode, in the consideration of
> resilience, surposing that the log mode has been modified by the
> attacker.
That is true ...
>
>
It's insecure to log password, nomatter the password is encrypted or
not. And do not log it even in debug mode, in the consideration of
resilience, surposing that the log mode has been modified by the
attacker.
Signed-off-by: Zhang Bo
---
src/libvirt-domain.c| 3 +--
src/qemu/qemu_monitor.c