This is the mail archive of the
ecos-discuss@sources.redhat.com
mailing list for the eCos project.
Re: Protecting RedBoot in the field
- From: Gary Thomas <gthomas at ecoscentric dot com>
- To: Andrew Lunn <andrew dot lunn at ascom dot ch>
- Cc: eCos Disuss <ecos-discuss at sources dot redhat dot com>
- Date: 28 Oct 2002 08:13:02 -0700
- Subject: Re: [ECOS] Protecting RedBoot in the field
- References: <20021028103111.GV16433@biferten.ma.tech.ascom.ch>
On Mon, 2002-10-28 at 03:31, Andrew Lunn wrote:
> Hi Folks
>
> The devices we send out into the field still have redboot installed on
> them. We are thinking this is a bit dangerous. Anyone can connect to
> the serial port and hijack the devices, download tetris, destroy the
> flash etc.
>
> I don't want to remove the functionality of redboot. Its useful for
> getting dead devices back to life and we do all our development work
> with redboot starting the system. I don't like the idea of change to a
> ROMRAM application.
>
> Putting a password login onto the console seems the obvious
> solution. Does anyone have any other ideas or other solutions they are
> already using?
Most units in the field that use RedBoot either don't have a serial
port at all (!) or simply "cover it up" for production use.
That said, I think a password (stored in 'fconfig') would be a
great addition.
--
------------------------------------------------------------
Gary Thomas |
eCosCentric, Ltd. |
+1 (970) 229-1963 | eCos & RedBoot experts
gthomas@ecoscentric.com |
http://www.ecoscentric.com/ |
------------------------------------------------------------
--
Before posting, please read the FAQ: http://sources.redhat.com/fom/ecos
and search the list archive: http://sources.redhat.com/ml/ecos-discuss