On Fri, Jul 13, 2012 at 09:43:45AM -0700, Colin Cross wrote: [...] > I was referring to the security implications, not size. Leaving KDB > on is effectively instant root access over the serial console.
Oh, I see. Yes, for this we'd need to disable all modification commands. [...] > > The thing is, we even have a standard sequence for entering KDB, > > it is GDB-protocol command $3#33, so it actually makes sense to > > implement this. This would be the only async command, and it doesn't > > affect anything but the new code. I prepared a separate patch for this. > > I would suggest making the sequence longer than just return. A single > character is not that unlikely to be generated by random noise - I've > seen multiple devices reboot when the serial console was connected > because it received a SysRq-Crash (a break is all zeroes, which is > very common while shorting the lines as the console is plugged in, and > then random noise sent a 'c'). No no, it's not just return. It is either return or the longer '$3#33' escape sequence. Default is $3#33, so it should be pretty safe (but of course we can make it even longer, or even configurable). Thanks, -- Anton Vorontsov Email: cbouatmai...@gmail.com ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Kgdb-bugreport mailing list Kgdb-bugreport@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/kgdb-bugreport
