From: Graeme Russ <graeme.russ@gmail.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] Password protection of U-Boot command line
Date: Sun, 12 Feb 2012 21:03:29 +1100 [thread overview]
Message-ID: <4F378E71.1090100@gmail.com> (raw)
In-Reply-To: <CACW_hTYv179qWbQUiuv_qQbE_bLy9b_H-qpZSbcjkPio9-2yzg@mail.gmail.com>
Hi Frans,
On 02/11/2012 08:00 PM, Frans Meulenbroeks wrote:
>
> Graeme, if you want to keep people outisde the bootloader in a
> reasonably safe way and are developing your own hardware an option is
> to put the password in e.g. an eeprom and do a compare in u-boot.
> Of course a persistent hacker could retrieve the password but a casual
> user will not be able to enter.
> Having the password in eeprom makes that it is not disclosed with the
> code, it can be changed etc. Just make sure users do not have easy
> (sw) access to the device the password resides in, so e.g.disable
> access one way or another.
The problem is when the 'super secret password' get out into the wild (I
suggest you google 'Stuxnet' - not bootloader related, but highlights the
flaws of 'security by obscurity')
> One other way to prevent accidental access would be a jumper. If
> present no access to u-boot possible at all, if not present access is
> possible. And some stuff on it to view if it is tampered with.
> (if the jumper raises or lowers a gpio device on an i2c chip this can
> be easily detected in a u-boot script and depending on that action
> could be taken).
Yes, a jumper is one idea to prevent command line access as it would
require physical alterations which can be easily detected (stickers for
example)
But what if there as some commands the end-user is safe to use and some
that only the manufacturer should use - Of course the argument would be
that the end-user commands should be in the OS and I would tend to agree
Regards,
Graeme
next prev parent reply other threads:[~2012-02-12 10:03 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-02-10 5:16 [U-Boot] Password protection of U-Boot command line Graeme Russ
2012-02-10 11:38 ` Wolfgang Denk
2012-02-10 11:56 ` Graeme Russ
2012-02-10 12:30 ` Marek Vasut
2012-02-10 13:31 ` Wolfgang Denk
2012-02-10 14:12 ` Frans Meulenbroeks
2012-02-10 14:27 ` Wolfgang Denk
2012-02-10 21:14 ` Frans Meulenbroeks
2012-02-11 0:44 ` Wolfgang Denk
2012-02-10 20:29 ` Mike Frysinger
2012-02-10 20:37 ` Mike Frysinger
2012-02-11 4:17 ` Graeme Russ
2012-02-11 9:00 ` Frans Meulenbroeks
2012-02-11 20:14 ` Wolfgang Denk
2012-02-12 10:03 ` Graeme Russ [this message]
2012-02-11 20:09 ` Wolfgang Denk
2012-02-12 9:33 ` Graeme Russ
2012-02-12 17:52 ` Mike Frysinger
2012-02-12 19:17 ` Wolfgang Denk
2012-02-12 22:31 ` Graeme Russ
2012-02-13 7:31 ` Wolfgang Denk
2012-02-13 11:50 ` Graeme Russ
2012-02-13 14:10 ` Wolfgang Denk
2012-02-10 13:27 ` Wolfgang Denk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4F378E71.1090100@gmail.com \
--to=graeme.russ@gmail.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox