[ntp:hackers] Cool new stuff

Danny Mayer mayer at ntp.isc.org
Wed Oct 25 19:26:13 PDT 2006


David L. Mills wrote:
> Brian,
> 
> There seems to be a common view among you and others that a drastic 
> change in security model occured last time I revised the restrict bits. 
> The only thing I did was to modify the notrust bit so that access is 
> permitted if the client has the correct access keys, symmetric or 
> public. Is that the issue, or is this considered a massive security hole?
> 
> Dave

Dave,

Yes, that's the issue. Any time you change the meaning of some
previously documented bits, you get confusion, required configuration
changes and a host of other issues. Adding a new bit would have been
much better. I understand what you wanted to accomplish, but there are
folks out there who won't be following even the newsgroup, never mind
this mailing list.

Danny


More information about the hackers mailing list