Re: Secure barebox

Thanks for the information!

On 06/01/2015 02:06 PM, Sascha Hauer wrote:
> Hi Moritz,
>
> On Mon, Jun 01, 2015 at 11:34:23AM +0200, Moritz Warning wrote:
>> Hi,
>>
>> I like to secure access to barebox using a password.
>> passwd seems to be the right command, but setting a
>> password does not seem to have any effect.
>>
>> After a reset, access to barebox is not limited as far
>> as I can tell.
>
> I've never really used password support. I just gave it a try and I can
> only say: It's not usable in its current state. The thing you were
> missing is: You must set nv.login.timeout to something nonzero:
>
> nv.login.timeout=3; saveenv
>
> Then afterwards I get asked for a password. If I enter this correctly I
> get to the prompt, if I enter the wrong password I'm asked for a
> password again. However, when I press ctrl-c or just an empty password I
> also get to the prompt.
>
> The password protection support is currently implemented in the
> /env/bin/init script. This makes the whole stuff very fragile. The
> barebox shell is not designed to be secure. Once the shell is started
> the system is insecure, so the password asking process should be done
> before entering the shell, not from the shell.
>
> Sascha


_______________________________________________
barebox mailing list
barebox@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/barebox
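
The failure mode described in the quoted reply, as an added example that is not part of the thread and not barebox code: a constructed C model comparing a password check that runs as a script inside the shell with one that runs before any shell exists. All names (`gate_in_shell`, `gate_before_shell`, `struct input`, `max_attempts`) and the sample password are hypothetical, and the plain `strcmp` stands in for whatever credential check a real implementation uses.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of what the console can deliver at a password prompt. */
enum input_kind { IN_LINE, IN_INTERRUPT };
struct input { enum input_kind kind; const char *line; };
enum outcome { SHELL_DENIED = 0, SHELL_GRANTED = 1 };

/* Check that runs as a script inside the shell: whenever the script
 * stops, for any reason, the shell prompt is what remains. */
static enum outcome gate_in_shell(const char *pw, const struct input *in, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (in[i].kind == IN_INTERRUPT)
            return SHELL_GRANTED;      /* ctrl-c aborts the script */
        if (in[i].line[0] == '\0')
            return SHELL_GRANTED;      /* empty password, as reported in the thread */
        if (strcmp(in[i].line, pw) == 0)
            return SHELL_GRANTED;      /* correct password */
    }                                  /* wrong password: ask again */
    return SHELL_DENIED;               /* still waiting at the password prompt */
}

/* Check that runs before the shell is started: exactly one success path,
 * every other input (empty, interrupt, wrong) counts as a failed attempt. */
static enum outcome gate_before_shell(const char *pw, const struct input *in,
                                      size_t n, unsigned max_attempts)
{
    unsigned failed = 0;
    for (size_t i = 0; i < n && failed < max_attempts; i++) {
        if (in[i].kind == IN_LINE && in[i].line[0] != '\0' &&
            strcmp(in[i].line, pw) == 0)
            return SHELL_GRANTED;
        failed++;
    }
    return SHELL_DENIED;               /* caller never starts the shell */
}

int main(void)
{
    const struct input ctrl_c[] = { { IN_INTERRUPT, NULL } };  /* constructed input */
    printf("in shell: %d, before shell: %d\n",
           gate_in_shell("s3cret", ctrl_c, 1),
           gate_before_shell("s3cret", ctrl_c, 1, 3));
    return 0;
}
```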



