[ntp:hackers] NTP Release Candidate 4.2.8p1-RC1 Released

juergen perlinger juergen.perlinger at t-online.de
Thu Jan 29 16:41:42 UTC 2015


Hello All,

On 01/29/2015 12:31 AM, Harlan Stenn wrote:
> Removing webmaster@ from the thread.
>
> Juergen,
>
> Any thoughts?

I can cook up & code a lot of things. But it looks to me ideas are 
flapping around. It starts with a specific bug, then additional features 
creep in.

I would propose that we use a few more mode bits:
      one group to define the access rights policy: mode 0600 / 0660 or 
0666.
      another bit to define the owner, either root.root or whatever the 
runtime user might be (given with the -u option).

These steps can all be done while being root, and once done (during 
driver startup) NTPD can drop privileges.

That would IMHO be the most sensible approach. And to avoid breaking 
changes, (though it *might* break the current 'private' bit) the default 
would be to create the SHM segments as we currently do.

The point is that I'm not going to drop this into a pending release. My 
experience with 'last minute improvements' is BAD, as well in my 
professional as in my hobbyist projects. The same goes for 'last minute 
bug fixes', but they are much harder to avoid.

And while a lot of people don't care about Windows (and I don't like it 
much personally) we should still develop an idea how to map this to that 
platform. If the conclusion is "can't be done" or "needs more than 
100hrs", then we might drop that issue for the Windows port. Or we find 
another divine Windows coder for this project -- I had a few looks into 
the Windows security pit, and one thing I can say for sure is that I'm 
*not* the person with enough experience to code that safely and secure.

> This may be something we can look at this weekend at FOSDEM - Martin
> Burnicki will be here, and I don't recall if Juergen was going to make
> it or not.
>
> H
No, I'm not. But I told Marting to give you my best wishes ;)
> --
> "Gary E. Miller" writes:
>> Yo Harlan!
>>
>> On Wed, 28 Jan 2015 23:13:10 +0000
>> Harlan Stenn <stenn at ntp.org> wrote:
>>
>>> "Gary E. Miller" writes:
>>>> Yo All!
>>>>
>>>> On Mon, 26 Jan 2015 14:23:09 -0800
>>>> "Gary E. Miller" <gem at rellim.com> wrote:
>>>>
>>>>> So the decision was to punt the SHM permissions changes?
>>> A fix is in the queue - see http://bugs.ntp.org/show_bug.cgi?id=2627
>> Looks like the mode will now default to the old behavior,  that is an
>> important security fix as otherwise permissions would have been silently
>> loosend opening a seccurity issue.
>>
>> But I see no indication of progress to 0660 mode which is the real fix.
>> Otherwise gpsd and ntpd both need to start as root and can make no changes
>> to SHM's after dropping root.  This has been a long standing issue for
>> gpsd resulting in inability to dynamically add time sources.
>>
>> RGDS
>> GARY
>> ---------------------------------------------------------------------------
>> Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97701
>> 	gem at rellim.com  Tel:+1(541)382-8588
>>
> _______________________________________________
> hackers mailing list
> hackers at lists.ntp.org
> http://lists.ntp.org/listinfo/hackers
>



More information about the hackers mailing list