[U-Boot] sha256_crypt for uboot
Wolfgang Denk
wd at denx.de
Mon Jul 9 21:38:31 CEST 2012
Dear Richard Retanubun,
In message <4FFAE18D.3080809 at ruggedcom.com> you wrote:
>
> Thus, we aim to add the ability uboot to identify users, much like the payload OS does
> before granting access to its CLI (if the user interrupts the boot process).
You are opening a can of worms here, and I bet you don't know yet how
big it is. U-Boot has never been designed with any such level of
security in mind.
If you want securityu, then add it to an environment which has been
designed for it, i. e. use an OS like Linux. Use U-Boot just to boot
this OS, and don't give anybody an easy chance to break in.
On the other hand, realize how complicated it is just to attach a JTAG
debugger and take over full controll of your board. Yes, even if you
don't provide a connector to such an interface. I know quite a number
of systems that have been "opened" this way.
Frankly, I doubt this makes sense from a technical point of view.
[Yes, I know that there are situations where management and.or
marketing asks for such stuff. But is that a good reason to do it?]
Best regards,
Wolfgang Denk
--
DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
Old programmers never die, they just become managers.
More information about the U-Boot
mailing list