Security for embedded systems is a serious issue, albeit often overlooked. This chapter gives an overview of common security risks that might occur during the deployment and lifespan of the product. We also give hints and tips on the implementation of some chosen security mechanisms. Since we are not able to cover every possible risk in this manual, users are strongly recommended to read further on these issues.
Note: No claim of completeness can be made for the following list of security risks. Other risks may arise, or, conversely, following the instructions provided in this chapter may impose limitations on the design of your application.
...
Customers should follow the principle of minimal privilege for user rights on the devices. Please note that SECO Northern Europe tools usually come with access rights for all users, since this is more developer friendly.
Root password
Since SECO Northern Europe is an OEM manufacturer and we deliver serial-produced devices to several customers, a default root password would lead to a form of pseudo security. Moreover, a default password for all devices is highly vulnerable. For this reason our devices usually have no root password set. It is essential that customers set a password before the devices are deployed. This is the minimum security measure to take.
...
Blocking root access. Linux allows the root login to be disabled for specific services such as ssh or the serial console. Since the root login is always a popular target for attackers, this simple mechanism decreases the risk of brute-force attacks against it.
This can be done by setting the root account’s shell to /sbin/nologin in the /etc/passwd file:
...
The tool adduser can be used to create a non-root user
This creates a new user <user name> with group <user name> and the home directory /home/<user name>/. The new user can be used to log in immediately. See the man page of adduser for more options.
...
Superuser privileges for non-root users
sudo gives non-root users access to single commands with root user privileges. If login for the root user is disabled, non-root users can use it to perform system tasks. To enable this feature, the group sudo must be enabled in the sudoers file and the user must be added to this group.
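The settings recommended above (root password, blocked root login, sudo group) can be verified on a root filesystem before deployment. The script below is an added example, not SECO Northern Europe code; it goes beyond the text by combining all checks into one audit. It assumes shadow passwords and OpenSSH's `/etc/ssh/sshd_config` (an image with a different SSH server needs a different check), and the sample trees and the user `operator` are constructed.

```shell
#!/bin/sh
# Audit a rootfs tree ($1 = its top directory, "/" on the device itself)
# for the account settings recommended in this chapter.
# /etc/shadow field 2 is root's password hash; empty means login without password.
root_password_nonempty() {
    awk -F: '$1 == "root" { ok = ($2 != "") } END { exit !ok }' "$1/etc/shadow"
}
# /etc/passwd field 7 is the login shell.
root_shell_is_nologin() {
    awk -F: '$1 == "root" { ok = ($7 ~ /\/nologin$/) } END { exit !ok }' "$1/etc/passwd"
}
# Assumption: OpenSSH. The first PermitRootLogin line wins; it must say "no".
ssh_root_login_disabled() {
    awk 'tolower($1) == "permitrootlogin" { v = tolower($2); exit }
         END { exit (v != "no") }' "$1/etc/ssh/sshd_config"
}
# An uncommented sudoers rule for group sudo, e.g. "%sudo ALL=(ALL) ALL".
sudo_group_enabled() {
    grep -Eq '^[[:space:]]*%sudo[[:space:]]' "$1/etc/sudoers"
}
# Members of group sudo (/etc/group field 4): every name here can become root.
sudo_members() {
    awk -F: '$1 == "sudo" { print $4 }' "$1/etc/group"
}
# Run all checks; the return value is the number of failed checks.
audit_rootfs() {
    fails=0
    for check in root_password_nonempty root_shell_is_nologin \
                 ssh_root_login_disabled sudo_group_enabled; do
        if "$check" "$1" 2>/dev/null; then echo "PASS $check"
        else echo "FAIL $check"; fails=$((fails + 1)); fi
    done
    echo "sudo members: $(sudo_members "$1" 2>/dev/null)"
    return "$fails"
}
# Constructed sample tree: $2 = root hash field, $3 = root shell, $4 = PermitRootLogin.
make_sample() {
    mkdir -p "$1/etc/ssh"
    printf 'root:%s:19000:0:99999:7:::\n' "$2" > "$1/etc/shadow"
    printf 'root:x:0:0:root:/root:%s\n' "$3" > "$1/etc/passwd"
    printf 'PermitRootLogin %s\n' "$4" > "$1/etc/ssh/sshd_config"
    printf '%%sudo ALL=(ALL) ALL\n' > "$1/etc/sudoers"
    printf 'sudo:x:27:operator\n' > "$1/etc/group"
}
demo=$(mktemp -d)
make_sample "$demo/factory" "" /bin/sh yes     # delivery state: no root password
make_sample "$demo/hardened" '$6$constructed$hash' /sbin/nologin no
audit_rootfs "$demo/factory" || echo "factory: $? check(s) failed"
audit_rootfs "$demo/hardened" && echo "hardened: all checks passed"
rm -rf "$demo"
```

A missing file counts as a failed check, so the audit also flags images where one of the expected configuration files is absent.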
...
Newer SECO Northern Europe devices are equipped with a Flash-N-Go System as backup OS. Within Flash-N-Go the user has full control of the device’s configuration and of the partitions on the flash disk or eMMC, without a password or further authentication.
As described in [Deploying the Linux system to the target], booting into the Flash-N-Go System can be triggered by pressing the bootmode switch or with the bootselect tool from the Yocto OS.
The bootselect tool can only change the bootmode when called with root privileges, so following password and user suggestions from [User permissions concept] should solve this issue.
...