[ntp:hackers] Re: Config file format

Mark Martinec Mark.Martinec at ijs.si
Mon Feb 21 05:36:19 PST 2005


> Please show me how *allowing* a URL to specify how the conf file gets
> loaded is a hole.
>
> All I'm saying is that I have seen many places where this capability would
> be a major win.  I'm not telling people to use it, and I'm not going to
> force anybody to use it.

on a plus side: it can add flexibility for some installations;

on a minus side: it adds complexity. Some may remember that a
  popular command-line http/ftp client 'wget' is being plagued
  with security holes, being discovered one after another.
  Add SSL, and it all gets even worse.

If one is prepared to sacrifice a potential ability to HUP a daemon
and make it reload a config file, then perhaps a simple:

  ntpd -c -

(to read config from stdin) could offer as much flexibility
as one is prepared to put into his startup script.

P.S. most of us recipients are on the hackers list,
     please avoid sending duplicates

Mark



More information about the hackers mailing list