[ntp:security] [Bug 1300] savecfg allows writes to any part of the filesystem

Danny Mayer via the NTP Bugzilla bugzilla at ntp.org
Sat Sep 12 02:00:10 UTC 2009


Additional Comments From mayer at ntp.org (Danny Mayer)
Submitted on 2009-09-12 02:00

Both are the issue. Any ability to change the configuration remotely that
results in changes to files on the filesystem is at risk.

Brian wrote this:
> Moreover, there is nothing new with saveconfig here.  If I can overwrite a 
> critical file using saveconfig, I can also overwrite it using "logfile" or a 
> combination of "enable stats", "statsdir", and "filegen".

Forget about distribution of keys and controlkey /requestkey the fact is that
MD5 is trivial to break.


Danny Mayer <mayer at ntp.org>

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

More information about the security mailing list