[OpenWrt-Devel] [PATCH] base-files utils/busybox: Make requiring login in console default for easily accessed devices

Daniel Dickinson openwrt at daniel.thecshore.com
Wed Dec 23 07:27:37 EST 2015


Hi Imre,

Thanks for this!  This indeed would be my preference, I just thought 
there wouldn't be any appetite for it on the grounds I mentioned. Before 
I work up a version of the patch that isn't as desirable from a security 
perspective, I have another concept that ought to solve the ar71xx 
problem of unknown serial console for purposes of inittab in squashfs 
(leaving ramips as the one platform that I don't know if the serial 
console is known but and just wasn't considered required for inittab, or 
if the reason not in inittab is that you can't predict the serial device).

Regards,

Daniel

On 23/12/15 07:05 AM, Imre Kaloz wrote:
> Hi Daniel,
>
> On Wed, 23 Dec 2015 07:58:59 +0100, Daniel Dickinson
> <openwrt at daniel.thecshore.com> wrote:
>
>> I am reworking this (requiring console login) as couple of packages
>> for the packages feed, although it may require an image.mk or packages
>> Makefile hook in order to embed an appropriate inittab into the image
>> (since the inittab will need to be modified and we need to guarantee
>> the correct order of actions; and inittab comes from base-files which
>> is last thing done in the packages Makefile).
>
> I hope the other devs will chime in, but FWIW I would make this enabled
> unconditionally across all targets. As we already have a way to do a
> "factory reset" using the reset button, IMHO failsafe should also
> enforce login passwords everywhere, including the serial console.
>
>
> Imre
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
>
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel



More information about the openwrt-devel mailing list