[ntp:hackers] 4.2.5p203 adds ntpq dumpcfg command

Brian Utterback brian.utterback at sun.com
Mon Aug 24 17:23:16 UTC 2009

Dave Hart wrote:
> And no one has answered my question about why we should be concerned
> with overwriting a file with ntpq dumpcfg and not concerned about
> remote configuration of "logfile" or another directive that can
> overwrite security-sensitive files.
> Cheers,
> Dave Hart

Indeed we should be concerned.  This was a major thorn in my side 
during the port of NTP v4 to OpenSolaris. It is a feature of SMF that 
configuration changes of a service have different authorization from 
starting and stopping a service, and neither require root access. Thus 
allowing an arbitrary file path to be configured that would then be 
used by a root process for writing is a big security hole.

It's bad civic hygiene to build technologies that could someday be
used to facilitate a police state. - Bruce Schneier
Brian Utterback - Solaris RPE, Sun Microsystems, Inc.
Ph:877-259-7345, Em:brian.utterback-at-ess-you-enn-dot-kom

More information about the hackers mailing list