[coreboot] [PATCH] Stop putting useless or sensitive information in coreboot images

Stefan Reinauer stefan.reinauer at coresystems.de
Thu Oct 7 22:25:24 CEST 2010


 On 10/7/10 10:35 AM, Uwe Hermann wrote:
> See patch.
>
> This is only build-tested, please carefully review if it might have
> impact on software that depends on the coreboot tables.
>
>
> Uwe.
I don't think this information is useless.

Knowing the user name and domain tells you who built the image (in an
environment where nobody tries to obfuscate it, obviously). And, I
certainly would want to know if someone from nsa.gov built my image ;-)

As for it being sensitive, I could understand that people want some sane
information in there. We could add a Kconfig option to overwrite these
strings. Or we could make their inclusion an option.

Please don't just drop it.

Stefan




More information about the coreboot mailing list