[ntp:security] [Bug 1300] savecfg allows writes to any part of the filesystem

Harlan Stenn via the NTP Bugzilla bugzilla at ntp.org
Tue Sep 15 09:01:29 UTC 2009


http://bugs.ntp.org/1300


stenn at ntp.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                URL|                            |http://support.ntp.org/bin/v
                   |                            |iew/Dev/ConfigurationAndAuth
                   |                            |orizationLevelsForNtpd


----------------------------------------------------------------------------
Additional Comments From stenn at ntp.org (Harlan Stenn)
Submitted on 2009-09-15 09:01

Let's discuss this further at:

 http://support.ntp.org/bin/view/Dev/ConfigurationAndAuthorizationLevelsForNtpd

Prof. Mills, are you OK with the concept that Brian describes?

And for how long do we need to keep this bug a security bug (ie, not public)?

-- 
Harlan Stenn <stenn at ntp.org>



------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.


More information about the security mailing list