From mboxrd@z Thu Jan 1 00:00:00 1970 From: Graeme Russ Date: Fri, 10 Feb 2012 22:56:40 +1100 Subject: [U-Boot] Password protection of U-Boot command line In-Reply-To: <20120210113838.35473193BB44@gemini.denx.de> References: <20120210113838.35473193BB44@gemini.denx.de> Message-ID: <4F3505F8.1070504@gmail.com> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de Hi Wolfgang, On 02/10/2012 10:38 PM, Wolfgang Denk wrote: > Dear Graeme Russ, > > In message you wrote: >> >> As an adjunct to a recent discussion, I wonder if there would be much >> point in password protecting access to the U-Boot command line. The >> password could be saved in an environment variable as an MD-5 or SHA-256 >> hash. > > We already have such protection, even if it's very simplistic: see > doc/README.autoboot (search for CONFIG_AUTOBOOT_DELAY_STR, > CONFIG_AUTOBOOT_STOP_STR resp. "bootdelaykey" and "bootstopkey"). OK, so the thought of protecting the shell with a password has already happened...But the implementation is to hard-code the password in the U-Boot image or to have it unencrypted in the environment I think we can agree that there is room for improvement :) >> But I wonder if: >> >> a) It's worth it, and; >> b) If it would be secure anyway... >> >> When U-Boot environment editing tools available in the host OS, it would >> be fairly trivial to overwrite the password variable - Unless, of course, >> the host OS did not support that functionality. >> >> This feature may be usefull for devices where every part of the system >> must be tightly controlled (medical devices, voting machines etc) > > Well, in such devices you will typically disable interactive access at > all. Yes, but if you don't allow setting of environment variables from the host OS, how can you change the settings if you need to Sounds like it's not a 'completely ruled out' idea... Regards, Graeme