See patch.
This is only build-tested, please carefully review if it might have impact on software that depends on the coreboot tables.
Uwe.
On 10/7/10 10:35 AM, Uwe Hermann wrote:
See patch.
This is only build-tested, please carefully review if it might have impact on software that depends on the coreboot tables.
Uwe.
I don't think this information is useless.
Knowing the user name and domain tells you who built the image (in an environment where nobody tries to obfuscate it, obviously). And, I certainly would want to know if someone from nsa.gov built my image ;-)
As for it being sensitive, I could understand that people want some sane information in there. We could add a Kconfig option to overwrite these strings. Or we could make their inclusion an option.
Please don't just drop it.
Stefan
On Thu, Oct 7, 2010 at 7:35 PM, Uwe Hermann uwe@hermann-uwe.de wrote:
See patch.
This is only build-tested, please carefully review if it might have impact on software that depends on the coreboot tables.
While I do agree that it would be nice to have an option to keep this information from appearing in the final rom, I think that:
- Usernames are not that sensitive, and can be used to track who compiled a particular image in a small development team. This can be useful. For a bigger company, i would expect a build bot username at this place :)
- You should never build anything on a non-development machine, particularly on exposed hosts - so I hope to never cross a coreboot rom built on "firewall1" :) I do get your point, however. For origin-tracing purposes, an unqualified host name should be sufficient, no need for the domain part. Development servers should be on private LANs, so these names should not directly resolve from outside. Yes, I know, should.
Best regards,
-
Aurélien -
Stefan Reinauer -
Uwe Hermann