[ntp:hackers] 4.2.5p203 adds ntpq dumpcfg command
davehart at gmail.com
Mon Aug 24 17:57:31 UTC 2009
On Mon, Aug 24, 2009 at 5:23 PM, Brian Utterback wrote:
> Dave Hart wrote:
>> And no one has answered my question about why we should be concerned
>> with overwriting a file with ntpq dumpcfg and not concerned about
>> remote configuration of "logfile" or another directive that can
>> overwrite security-sensitive files.
> Indeed we should be concerned. This was a major thorn in my side during the
> port of NTP v4 to OpenSolaris. It is a feature of SMF that configuration
> changes of a service have different authorization from starting and stopping
> a service, and neither requires root access. Thus allowing an arbitrary file
> path to be configured that would then be used by a root process for writing
> is a big security hole.
How did you resolve it? Did you disable :config and :config-from-file?