On Wednesday 30 January 2008 Corey Osgood wrote:
Ok, I'm not going to get too far into this, because I'm no real security expert, but:
...
I think what he was trying to say is that if you give coreboot, say, a FILO payload set up to boot from some medium, with no support for any other medium, then there's no switch you can throw, short of flashing a new bios onto the board. You can do the same thing with a linux kernel, use that to unconditionally kexec to a specific medium, or with large enough flash, you could store the entire kernel in flash.
OK, that's a possible way..
Although for development and support it might be good to be able to boot from other media; that would have to be password-protected (per-machine), and then I'm back where I started.
[ And having different images for development and release is not what I'd like, TBH. ]
But it's surely something to think about.
Thank you!
Regards,
Phil