Dear Petr, In message <9c257c71-97b6-a83e-3d9d-e3a8459fc...@elnico.cz> you wrote: > > Anyway, at least a user feedback / feature request... I believe it would > be useful for many users to have a manufacturing mode, which they would > escape permanently by e.g. executing some command. In normal mode, some > commands would be disabled. Logic would be similar to > CONFIG_OVERWRITE_ETHADDR_ONCE.
How could that ever be "safe" - in the sense of protecting against an attacker? How could you perform such a "switch" between modes? By setting some bit somewhere. And it has to be in some persistent storage. And the source code of your image is available to the public. What should prevent an attacker from undoing your bit setting and switching back to "full" mode? U-Boot is a boot loader, not a high security environment. If you grand somebody access to the U-Boot command line interface, he owns the system. If not directly, so by just pulling a few simple tricks. Best regards, Wolfgang Denk -- DENX Software Engineering GmbH, Managing Director: Wolfgang Denk HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: w...@denx.de If it went on at this rate, in several billion years he'd be rich beyond his wildest dreams! - Terry Pratchett, _Soul Music_ _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
