From: Jason Markley (ggsg) <jamarkle@ggsg.cisco.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] Does U-boot support ASLR?
Date: Thu, 09 Feb 2012 18:08:14 -0500
Message-ID: <4F3451DE.3050503@ggsg.cisco.com>
In-Reply-To: <CALButC+TisJ+Qeff=H=6br=-7T44-xnPFobxMO9MqxBvQWHsnA@mail.gmail.com>

On 2/9/12 5:16 PM, Graeme Russ wrote:
> Hi Guys,
>
> My 2c worth...
>
> The thought of applying ASLR to improve security is pointless unless you
> have identified a reason to do so. You can't just apply a security
> hardening technique willy-nilly and expect your security to improve. The
> security of a system is equal to the weakest link and no amount of
> strengthening the other links will improve security

Agreed, but in the grand scheme of things, does that mean the
maintainers of U-boot will ONLY allow patches in that fix the biggest
security hole that currently exists? If someone desires to patch a
small hole because they have a reason to, or desire to, but it's
currently the biggest hole out there, should said person be denied the
opportunity to present a patch for the hole they've identified?

>
> Remember, U-Boot is a boot-loader. It is very transitory. Think about how
> an attacker could exploit U-Boot (Hint: 10s after booting, they can't)

What about the U-boot API infrastructure? Isn't that designed to allow
a program that U-boot loads to call back into U-boot to perform some
function? Doesn't that mean U-boot is no longer transitory?

-Jason

>
> Network: Hit it with IP packets - But U-Boot only activates network code
> on an as-needed basis (typically when someone runs a net command like tftp
> etc) so you already have U-Boot shell access anyway
>
> Serial: Buffer overruns on commands - U-Boot will crash and the board
> reboots and again, you probably already had/have shell access
>
> So it starts to boil down to protecting access to the shell - Access to
> the shell opens up all sorts of possibilities such as changing environment
> variables (including scripts) up to completely replacing the U-Boot image
>
> So my thought would be, if you want to improve U-Boot security, perhaps
> implement password protection on the shell
>
> Regards,
>
> Graeme