jmg
/
projects
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

add some more FreeBSD projects

main
John-Mark Gurney 4 years ago
parent
a80831425b
commit
002dbcea86
1 changed files with 11 additions and 0 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +11
    -0
      README.md

+ 11
- 0
README.md View File

@@ -8,6 +8,12 @@ FreeBSD

* [FreeBSD test lab](https://www.funkthat.com/gitea/jmg/fbsdembdev)
A lab where other FreeBSD commiters (at first) can reserve an embedded board, and do testing on it remotely. They will have a jail w/ full access to the network of the board under test, along w/ the ability to power cycle the board. This will hopefully allow more testing of boards.
* FreeBSD embedded autoconf.
A way to do automatic configuration. The idea is when you configure a FreeBSD box, you put a public key, and possibly generate a private key and put them on the fat partition. Then using dhcp or another configuration mechanism, the box asks the network for their configuration, fetch it, and configures themselves to match. The idea is to make devices (like IoT) more replaceable and keeps the configuration in a more centrally controller and backed up location.
* FreeBSD USB thumbdrive.
Using a board that supports USB OTG, using ggate over unix domain sockets over [ntunnel], preset a file on a server as a USB umass device. This allows a person to plug it into a game console or other device, and have the storage automatically go to your server which is backed up. Using the above embedded autoconf, security is well maintained.
* PCIe support for ROCKPro64
Add support for PCIe to the ROCKPro64.

File/data
---------
@@ -33,4 +39,9 @@ Security
* Secure python import: partial complete, see [casimport]
Currently there isn't a way to ensure that an end user gets the same code that the author tested/wrote against. Or that the code is by the same author as the import. See things like leftpad, or handing off a module to another author that ends up pushing malware into the module. I'd like to see a cryptographically signed way to import python modules and code. This is something like Content addressed Code. The idea is to support something like `from <hash of library or author's key> import module`. This will verify the module is signed by the author, or the module exactly matches the hash of the library. This could make it easier to import code from another project. Say they properly put a useful function in it's own file, you could do: `from <hash of py file> import function`, and the function would be imported as the database would contain a mapping between the hash of the py file, and where to get it. As the hash would be strongly tied, there'd be no issues w/ injecting malicious code.

Hardware
--------


[casimport]: https://www.funkthat.com/gitea/jmg/casimport
[ntunnel]: https://www.funkthat.com/gitea/jmg/ntunnel

Write Preview
Loading…
Cancel
Save