On Wed, 23 Dec 2015 17:27:37 +0100, Felix Fietkau <[email protected]> wrote:
On 2015-12-23 16:27, Bastian Bittorf wrote:
* Imre Kaloz <[email protected]> [23.12.2015 16:22]:
>I'd hate to have some corner case result in bricked routers for
>people who have no means of recovering from a bad flash.
You can reflash from the bootloader all the time, we are talking
about userland here. IMHO this should be just a normal change, like
dropping telnet. Enforcing login should be on by default, specially
since if one forgets the password they can just reset everything to
defaults keeping the reset button pressed.
I am against asking for a password in failsafe mode:
failsafe is failsafe is failsafe.
You have to run mount_root which does _things_ and can break.
I completely agree with this. Failsafe needs to be robust.
Failsafe can be triggered both locally and through the network and gives
straight root access. This doesn't make it robust, it makes it insecure.
Imre
_______________________________________________
openwrt-devel mailing list
[email protected]
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
