[OpenWrt-Devel] [PATCH] base-files utils/busybox: Make requiring login in console default for easily accessed devices

Felix Fietkau nbd at openwrt.org
Wed Dec 23 18:49:57 EST 2015


On 2015-12-24 00:38, Imre Kaloz wrote:
> On Wed, 23 Dec 2015 17:27:37 +0100, Felix Fietkau <nbd at openwrt.org> wrote:
> 
>> On 2015-12-23 16:27, Bastian Bittorf wrote:
>>> * Imre Kaloz <kaloz at openwrt.org> [23.12.2015 16:22]:
>>>> >I'd hate to have some corner case result in bricked routers for
>>>> >people who have no means of recovering from a bad flash.
>>>>
>>>> You can reflash from the bootloader all the time, we are talking
>>>> about userland here. IMHO this should be just a normal change, like
>>>> dropping telnet. Enforcing login should be on by default, specially
>>>> since if one forgets the password they can just reset everything to
>>>> defaults keeping the reset button pressed.
>>>
>>> I am against asking for a password in failsafe mode:
>>> failsafe is failsafe is failsafe.
>>>
>>> You have to run mount_root which does _things_ and can break.
>> I completely agree with this. Failsafe needs to be robust.
> 
> Failsafe can be triggered both locally and through the network and gives  
> straight root access. This doesn't make it robust, it makes it insecure.
How can it be triggered through the network?

- Felix
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel



More information about the openwrt-devel mailing list