[U-Boot] Disable command at runtime
Wolfgang Denk
wd at denx.de
Mon Aug 1 21:59:46 CEST 2016
Dear Petr,
In message <1f085e1d-378c-5f29-2f35-988b8d110da8 at elnico.cz> you wrote:
>
> I wonder whether it is possible to dynamically enable/disable a command.
> Since u-boot does not provide any secure authentication method, it is
> dangerous to keep some commands available to a potential hacker. E.g.
If some evil guy has access to the U-Boot command line interface you
are pawned anyway.
> the "fuse" command. On the other hand, I need these commands during the
> manufacturing process. So my idea is to enable/disable the commands
> dynamically based on some obscure logic. Is there a way to do it without
> need to deeply hack the code?
You have to modify the code to implement such a thing; but it should
not require any "deep hacking". But then, I doubt it's useful. If
you let an attacker run _any_ commands on your system you are already
doomed. If it's in U-Boot, you lost.
Best regards,
Wolfgang Denk
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
Of course there's no reason for it, it's just our policy.
More information about the U-Boot
mailing list