[ntp:hackers] 4.2.8p1 is expected to post on Wed 21 Jan 2015
mlichvar at redhat.com
Mon Jan 19 09:23:36 UTC 2015
On Fri, Jan 16, 2015 at 10:33:05PM +0000, Harlan Stenn wrote:
> "Gary E. Miller" writes:
> > Yo Harlan!
> > On Fri, 16 Jan 2015 22:02:56 +0000
> > Harlan Stenn <stenn at ntp.org> wrote:
> > > I'm not planning to make any changes to 4.2.8p1 between now and then,
> > > unless there are critical issues.
> > I think silently breaking backward compatibility with gpsd is a critical
> > issue. Flip the sense of the new mode bit, so the default is the
> > previous behavior and you are good on that issue. Or at least document
> > it loudly so that when people break their systems they have a chance of
> > fixing things.
> Works for me. It might create some work for folks who have already made
> the change, but I think maintaining backward compatibility in this case
> is a win.
I'd prefer secure defaults here. Creating SHM segments with write
access for anyone, even if it's properly documented, looks to me like
a disaster waiting to happen.
If gpsd needs to attach to the segment after it drops root privileges,
and my understanding is this doesn't apply to most gpsd+ntpd users, it
should be rather done through the group access.
More information about the hackers