[ntp:hackers] NTP Development Snapshot 4.2.5p208 Released
davehart at gmail.com
Sun Aug 30 18:48:46 UTC 2009
On Sun, Aug 30, 2009 at 6:15 PM, Brian Utterback wrote:
> Dave Hart wrote:
>> If you have an idea for better validation of arguments, please share.
> Well, the obvious one is to not allow more arguments on the line.
Looking at it from the ntpq side, only the first argument is used. Of
course, a clever intruder can use a modified ntpq. On the ntpd side,
the entirety of the parameter is treated as a single filename. I am
not following what you are suggesting be changed.
>> I am not sure why you'd be trying to write to ntpd's current directory
>> rather than a specified path. Assuming there's a good reason, why
>> would you include "./" when leaving it off is equivalent? We could
>> discourage this habit by rejecting saveconfig arguments beginning with
>> "." aside from "." alone.
> How would the user that is unfamiliar know that ./ is not needed? Many
> people just type ./ out of habit when they mean the current directory.
I still fail to see the utility of referencing the ntpd's current
directory. I believe that will be either its startup current
directory, or if chrooted, the root. In either case, I expect the
common case for saveconfig to be a root-based path. In what scenario
do you envision desiring to save to a curdir-relative path?
> you have to have a token that means "the current config file", then it
> shouldn't include a character that is legal part of a path.
I'm enjoying this conversation so much I regret adding the shortcut,
and certainly if Sun won't ship it, that veto holds and it's gone.
And the world is safe from typos, hooray!
> Furthermore, I notice that while ntpd will not overwrite existing files, it
> returns that the write succeeded. This doesn't sound wise, since the remote
> admin may think that the current config is written somewhere when it isn't.
My results on Windows are different. p208 will overwrite a file.
Please verify it is failing to overwrite an existing file.
> The ability to create a file owned by root at any path is not safe. This
> feature needs more work.
Go for it. I'm fast losing interest.
More information about the hackers