Config file format - (Was: [ntp:hackers] FreeBSD serial ports)

Harlan Stenn stenn at
Sat Feb 19 19:22:29 PST 2005


I'm all for all the security we can reasonably provide.

If somebody wants -c http://... that's fine with me.

If they want -c https://... that's find with me to.

Security is a good thing, and we all know that one needs to be root
(at least under Unix) to start ntpd.  This will only be an issue when
ntpd gets started, and again, if somebody doesn't want to use it they
don't have to.

I have seen way too many internal networks with broken ntp.conf files
that could be very easily solved by using this mechanism, as it would allow
an internal server (protected networks) to feed clients an ntp.conf file that
is tailored for their particular subnet.


More information about the hackers mailing list