On Feb 4, 2009, at 7:14 AM, Daniel Drake wrote:

> 2009/2/4 John Watlington <w...@laptop.org>:
>> I insist on b) in order to prevent inadvertent "bricking" of laptops
>> by typing "enable-security",
>
> Are you concerned that there is a realistic and common use case when a
> particular type of user would want or need to run enable-security?
> Or is your concern simply that there is such a command (regardless of
> what it actually does internally) that will break your XO?

There are valid reasons in repair and manufacturing to have such a command. And there might even be a reason why a deployment might decide to turn on security. My concern is that with security disabled, kids are now free to explore OFW (this is a good thing) and that command is relatively easy to discover and might break your machine.

Mitch is going to make the syntax a little more onerous. One current proposal is to require the serial number of the laptop as an argument. How about refusing to perform the command unless a valid signed image is present in the NAND? In the same way we protect the flash command...

Regarding Reuben's original concern: If you are going to enable security on a large number of laptops, you are probably going to be setting a few tags (such as providing your own signing keys) at the same time, and using a Forth script on boot to perform it. Having to remove the ak tag at that point shouldn't be any extra hassle.

wad

_______________________________________________
Devel mailing list
Devel@lists.laptop.org
http://lists.laptop.org/listinfo/devel