[ntp:security] [Bug 1300] savecfg allows writes to any part of the filesystem

Danny Mayer via the NTP Bugzilla bugzilla at ntp.org
Sat Sep 12 02:00:10 UTC 2009


http://bugs.ntp.org/1300



----------------------------------------------------------------------------
Additional Comments From mayer at ntp.org (Danny Mayer)
Submitted on 2009-09-12 02:00

Both are the issue. Any ability to change the configuration remotely that
results in changes to files on the filesystem is at risk.

Brian wrote this:
> Moreover, there is nothing new with saveconfig here.  If I can overwrite a 
> critical file using saveconfig, I can also overwrite it using "logfile" or a 
> combination of "enable stats", "statsdir", and "filegen".

Forget about distribution of keys and controlkey /requestkey the fact is that
MD5 is trivial to break.

Danny

-- 
Danny Mayer <mayer at ntp.org>



------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.


More information about the security mailing list