Generally speaking there is a use case for a password. E.g. if you deliver boards/systems with u-boot on it and you do not want customers to enter u-boot (e.g. by accident or because they want to hack the board), but you would allow authorized service personnel to access the board.
For this case a secret password in the image would probably suffice (guess it might help to have it encrypted in flash or store a hash or so. Of course is the password leaks the security is gone. A password in env is more hackable. It would at least require no access from the kernel to the section the env is in (so no userspace tools and no /dev/mtd0 mapping to the whole flash). Yet another alternative (probably solution specific, is to store the passwd in a separate eeprom or so and make sure it is not accessible from the kernel (not always trivial)). Frans. _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
