diff options
-rw-r--r-- | documentation/dev-manual/dev-manual-common-tasks.xml | 24 |
1 files changed, 14 insertions, 10 deletions
diff --git a/documentation/dev-manual/dev-manual-common-tasks.xml b/documentation/dev-manual/dev-manual-common-tasks.xml index a373f92090..e5c1649f57 100644 --- a/documentation/dev-manual/dev-manual-common-tasks.xml +++ b/documentation/dev-manual/dev-manual-common-tasks.xml | |||
@@ -5104,7 +5104,7 @@ Gateways via their Web Interfaces</ulink>"</emphasis> | |||
5104 | security problems. | 5104 | security problems. |
5105 | </para></listitem> | 5105 | </para></listitem> |
5106 | <listitem><para> | 5106 | <listitem><para> |
5107 | Pay particular attention to to the security for | 5107 | Pay particular attention to the security for |
5108 | any web-based administration interface. | 5108 | any web-based administration interface. |
5109 | </para> | 5109 | </para> |
5110 | <para>Web interfaces typically need to perform | 5110 | <para>Web interfaces typically need to perform |
@@ -5182,7 +5182,7 @@ Gateways via their Web Interfaces</ulink>"</emphasis> | |||
5182 | Use the following line in your | 5182 | Use the following line in your |
5183 | <filename>local.conf</filename> file or in your custom | 5183 | <filename>local.conf</filename> file or in your custom |
5184 | distribution configuration file to enable the security | 5184 | distribution configuration file to enable the security |
5185 | compiler and linker flags to your build: | 5185 | compiler and linker flags for your build: |
5186 | <literallayout class='monospaced'> | 5186 | <literallayout class='monospaced'> |
5187 | require conf/distro/include/security_flags.inc | 5187 | require conf/distro/include/security_flags.inc |
5188 | </literallayout> | 5188 | </literallayout> |
@@ -5197,15 +5197,19 @@ Gateways via their Web Interfaces</ulink>"</emphasis> | |||
5197 | OpenEmbedded build system to make your images more secure: | 5197 | OpenEmbedded build system to make your images more secure: |
5198 | <itemizedlist> | 5198 | <itemizedlist> |
5199 | <listitem><para> | 5199 | <listitem><para> |
5200 | Ensure "debug-tweaks" is not listed with | 5200 | Ensure "debug-tweaks" is not one of your selected |
5201 | <ulink url='&YOCTO_DOCS_REF_URL;#var-IMAGE_FEATURES'><filename>IMAGE_FEATURES</filename></ulink>. | 5201 | <ulink url='&YOCTO_DOCS_REF_URL;#var-IMAGE_FEATURES'><filename>IMAGE_FEATURES</filename></ulink>. |
5202 | The default is to enable "debug-tweaks" by adding it | 5202 | When creating a new project, the default is to provide you |
5203 | to | 5203 | with an initial <filename>local.conf</filename> file that |
5204 | <ulink url='&YOCTO_DOCS_REF_URL;#var-EXTRA_IMAGE_FEATURES'><filename>EXTRA_IMAGE_FEATURES</filename></ulink> | 5204 | enables this feature using the |
5205 | in <filename>local.conf</filename>. | 5205 | <ulink url='&YOCTO_DOCS_REF_URL;#var-EXTRA_IMAGE_FEATURES'><filename>EXTRA_IMAGE_FEATURES</filename></ulink> variable with the line: |
5206 | However, you should comment out the variable or be | 5206 | <literallayout class='monospaced'> |
5207 | sure that it does not have "debug-tweaks" before | 5207 | EXTRA_IMAGE_FEATURES = "debug-tweaks" |
5208 | producing your final image. | 5208 | </literallayout> |
5209 | To disable that feature, simply comment out that line in your | ||
5210 | <filename>local.conf</filename> file, or | ||
5211 | make sure <filename>IMAGE_FEATURES</filename> does not contain | ||
5212 | "debug-tweaks" before producing your final image. | ||
5209 | Among other things, leaving this in place sets the | 5213 | Among other things, leaving this in place sets the |
5210 | root password as blank, which makes logging in for | 5214 | root password as blank, which makes logging in for |
5211 | debugging or inspection easy during | 5215 | debugging or inspection easy during |