Supporting insecure protocols in RMCP+

Brad Bishop bradleyb at fuzziesquirrel.com
Tue Apr 24 23:17:34 AEST 2018


> On Apr 23, 2018, at 3:30 PM, Vernon Mauery <vernon.mauery at linux.intel.com> wrote:
> 
> On 23-Apr-2018 11:47 AM, Vernon Mauery wrote:
>>> Patch Set 4:
>>> 
>>>> Given that RMCP+ is already insecure, unless it is a requirement to support 1, 2, 15, and 16, you may just want to support 3 and 17.
>>> 
>>> 1,2,3 are marked as mandatory in the specification. It should be a community decision to revoke support for 1,2. If the community is ok, it will need additional code changes.
>> 
>> tl;dr IPMI is old; let's drop the most insecure parts
> 
> While I am at it, can we agree

I agree with all your points.  But why is consensus necessary?

> that anonymous and nameless accounts are dangerous. I know that the IPMI spec says that having an account with no name is mandatory, I think this is another case of security trumps the standard.
> 
> I would at least like a way to disable this at build time so we CANNOT have this exploited.

That sounds like a reasonable way to make the code do what you need.

> 
> --Vernon
