[ntp:hackers] Bug hunting opportunities

Dave Hart davehart at gmail.com
Thu Oct 29 20:23:14 UTC 2009


On Thu, Oct 29, 2009 at 8:06 PM, Hal Murray <hmurray at megapathdsl.net> wrote:
> Ahh..  We also need something like
>  server 1.2.3.4:port
> in order to generate ntp traffic.

Yes, I forgot to mention ntp-dev-unpriv also adds support for

server my.oddport.ntp port 1234

> I was trying to avoid confusing the real sysadmin by a random user injecting
> bogus error messages into the real syslog.
>
> It's too easy to forget a command line.  If you use the config file, several
> lines of stuff get into syslog before it switches to your log file.
>
> So my (handwave) straw man is that the user-mode command line switch should
> disable using syslog (but still allow logging to a file) and that should
> happen early in the startup sequence.  Without the user mode switch, it
> should bail if it isn't root (or jail user) before scribbling into syslog.
> The root check needs to happen before it kills syserr so it can still print
> the error message where the user will see it.
>
> More on logging in another message - topic is shifting too far.

I don't disagree with your ideas.  However, I'm focusing on making as
few changes as needed, and I don't see this as needed.  Nice, yes, but
keep in mind this is all additional code that risks muddying the
mainline waters.  It seems to me for a first cut of the functionality
there is no need to make any changes to the logging code.

ntp.conf "logfile" could be enhanced to be respected from the start,
if we pend startup messages until after applying that directive (which
would also require ensuring those messages go out if we abort before
that point).  I prefer to keep all my ntpd logs in text files on
Windows rather than the event log (used as a syslog equivalent), and
I'd like to see that change independent of unprivileged operation, so
that I can avoid repeatedly typing -l \path\to\ntp.log.

Cheers,
Dave Hart


More information about the hackers mailing list