Dear Frans, In message <cacw_hty7sv6q+y9+ojkg2pnj4grt0rwkhahzasb2sgxyhri...@mail.gmail.com> you wrote: > > > If you want security, then don;t allow access to U-Boot at all, and > > run an OS. There you can do fancy things, including password > > protection. > > The issue is mainly that we would like a service engineer to upgrade > if for some reason the os goes into a not recoverable fault, without > an operator accidently (or on purpose) bumping into it
This is a perfectly reasonable requirement. But it needs to be designed in, but providing things like fall back to a previous version, or to a recovery configuration. U-Boot supports allthis, you just have to use it. Passwords are not a tool that would help here. > > Do you realize that you are already talking how to maintain this > > "security" level in Linux? Then also implement it there! That's > > where such stuff belongs to. > > > probably yes. my concern is mostly about being able to repair systems > where something is broken and the kernel does not come up as desired > but also does not crash and bring us back to u-boot (like what happens > if a crc is faulty). > > What Mike suggests in a subsequent message of using is more or less > secret key is probably already enough for us. No. What you are looking for is a reliable recovery for a failed software update or an otherwise corrupted system. That's a completely different topic - but it's standard techology, and nothing to worry about. Best regards, Wolfgang Denk -- DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: w...@denx.de COBOL is for morons. -- E.W. Dijkstra _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot