[ntp:security] [Bug 2902] New: configuration directives "pidfile" and "driftfile" should be local-only.

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Tue Aug 25 23:45:27 UTC 2015


http://bugs.ntp.org/show_bug.cgi?id=2902

             Bug #: 2902
           Summary: configuration directives "pidfile" and "driftfile"
                    should be local-only.
           Product: ntp
           Version: 4.2.8
          Platform: PC
        OS/Version: All
            Status: CONFIRMED
          Severity: normal
          Priority: P3
         Component: ntpd
        AssignedTo: stenn at ntp.org
        ReportedBy: stenn at ntp.org
                CC: bugs at ntp.org, mlichvar at redhat.com
             Group: Security
    Classification: Unclassified


Harlan Stenn <stenn at ntp.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|                            |blocking4.2.8+,
                   |                            |Q/A-TestRequest+

When deciding the list of configuration directives that should be restricted to
the local machine and which could be changed via remote configuration, we
decided that the "pidfile" and "driftfile" directives could be changed
remotely.

Remote configuration requires password authentication, but there's a potential
for a bad actor to use these directives to overwrite system files if ntpd has
permission to write those files.

So in the interests of safety, we're moving these two directives from "allow
from anywhere" to "only allow locally".

-- 
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list