16.02.2018, 12:15
Maybe this is a good question. Are there some vendor locks available in LM?
Below is just my idea:
Business case: I offer LM to my client with my software or services included. I don't want to allow my client doing changes in the software because I've taken responsibility about it. But on the other hand the client has to do backups, insert or delete users etc. Which means the client has to be admin of the device.
My idea of these vendor locks can be implemented by signing of the code (like MS PowerShell does). What I need is a storage for my public key and checking script signature before execution. Setting of vendor lock is signed by vendor key. Unsigned change is refused. Untrusted codes can't be executed.
Below is just my idea:
Business case: I offer LM to my client with my software or services included. I don't want to allow my client doing changes in the software because I've taken responsibility about it. But on the other hand the client has to do backups, insert or delete users etc. Which means the client has to be admin of the device.
My idea of these vendor locks can be implemented by signing of the code (like MS PowerShell does). What I need is a storage for my public key and checking script signature before execution. Setting of vendor lock is signed by vendor key. Unsigned change is refused. Untrusted codes can't be executed.
LM5Lp, firmware: 2018.08.22 and 2021.12.15, FlashSYS v2, ARMv7 Processor rev 5 (v7l), kernel 4.4.151 and 4.4.259