[Ovmsdev] Moving to a production cycle

Greg D. gregd2350 at gmail.com
Mon Feb 26 05:46:44 HKT 2018

Michael Balzer wrote:
> Am 25.02.2018 um 01:12 schrieb Stephen Casner:
>> In order for a module that has been configured to become useful
>> automatically after power cycles it will be necessary for the start-up
>> script(s) to execute commands that require being enabled.  If that
>> requires putting an enable command with clear-text password into the
>> startup script, that's not good.
>>                                                         -- Steve
> Good point.
> How about allowing write access to event scripts on "/store" only in enabled mode and then generally run those scripts in enabled mode?
> Regards,
> Michael

That works for me, though I thought that write access to anywhere in the
file system already required Enable access, no? 

It was a bit of a surprise that the system event scripts weren't already
run with "enable" privileges.  User-level scripts (initiated by the CLI)
should also require Enable access before starting them.  We shouldn't
ever need to have clear-text passwords in script files.

What about Duktape scripts that can be called for Metric evaluation from
the OBDII ECU Simulator?  I can imagine that someone clever could odd
things with specially crafted OBDII PID requests via pre-written
scripts.  But that would require access to the OBDII CAN Bus... 


More information about the OvmsDev mailing list