Table of Contents
Advertisement
10 Securing the device
The meaning of security for embedded systems is often underestimated. This chapter should sensitize customers
to the needs of security and disclose some of the typical security holes. It also provides some tips and hints for
the implementation of well chosen security mechanisms. Since we cannot cover the big amount of security issues
in this manual we strongly recommend to read further secondary lecture regarding this topic.
Note: For the following list of security risks, no claim of completeness can be made. There may arise
other risks or - on the opposite - limitations in the design of your application by following the instructions
provided in this chapter.
10.1 Services
The default configuration of a Garz & Fricke device can be described as "developer friendly". This means, all
services are available and activated. Depending on the final application, this might be either helpful or a security
risk. Once the development has been finalized, we recommend a review of the required services and to disable
all services and features which are not used. See the chapter
Special care needs to be taken, for example for:
I
Telnet
The chapter
[
4.1.4 Telnet service]
carefully decided if this feature is needed and how it is secured. At least the password and user suggestions from
I
[
10.2 User permissions concept]
SSH
There is a ssh services enabled by default on Garz & Fricke devices with Yocto. Additionally to the
password and user suggestions from
ssh service in the chapter
lock a sftp access to a subfolder only and create custom crypto keys.
10.2 User permissions concept
Linux is designed as a multiuser system and provides a mechanism known as
owner, a group and flags that grant write,
Additionally there is a super user, called root, who has access to all files. More information on this concept can be
I
found at:
http://www.tldp.org/LDP/gs/node5.html
Customers should follow the principle of minimal privilege for user rights on the devices. Please note that Garz &
Fricke tools are usually assigned with access rights for all users since it is more developer friendly.
10.2.1 Root password
Since Garz & Fricke is an OEM manufacturer and we are delivering serial-produced devices to several customers
a default root password would lead to a form of pseudo security. Moreover a default password for all devices is
highly vulnerable. For this purpose our devices usually have no root password set. Is is essential that a password
will be set by customers before the devices are deployed. This is the minimum security measure to be done.
Setting the root password on the device:
root@vincell:~# passwd root
Changing password for root
Enter the new password (minimum of 5 characters)
Please use a combination of upper and lower case letters and numbers.
New password:<enter your secure password>
Re-enter new password:<enter your secure password>
passwd: password changed.
root@vincell:~#
What does it mean if no root password is set?
via serial console, SSH or FTP and have full system control since the root user usually have all permissions.
describes the telnet service. For production devices it should be
should be implemented.
I
[
10.2 User permissions concept]
I
[
4.1.3 SSH
service]. It is possible to restrict the users allowed using this service,
read
and/or
Without root password attackers might connect to the device
GUF-Yocto-34.0-r5756-0
I
[
4.1 Services]
on how to disable.
there are more hints on securing the
file
execute
permissions to the owner, the group or anybody.
VINCELL
User Manual
¡
¡
permissions. Each file has an
49
Advertisement
Table of Contents
