Config file format - (Was: [ntp:hackers] FreeBSD serial ports)

Danny Mayer mayer at gis.net
Sat Feb 19 17:47:51 PST 2005


At 11:47 PM 2/17/2005, Harlan Stenn wrote:
>I see no reason to lose the remote config stuff - it is mode7 and is
>implementation-specific.
>
>I would also like to see the -c flag take a URL as an option, so one might
>say:
>
>  ntpd -c file:///etc/ntp.conf  (current behavior)

Not really. It's just path. Protocol is ignored.

>  ntpd -c http://ntpconf.my.dom.ain  (get a conf file from a local server)

Please no. Now you add an new security hole where someone can
now replace what you intended with their own. Opening up an
http: channel (or even https) is a major headache to set up and
uses of course TCP. We really don't want to do this.


>I'd also like to have the ability for ntpd to write its current config file.

Not sure about that one. Security again is an issue here.

Danny

>Just some thoughts.
>
>H
>_______________________________________________
>hackers mailing list
>hackers at support.ntp.org
>https://support.ntp.org/mailman/listinfo/hackers




More information about the hackers mailing list