From owner-freebsd-security Sat Feb 15 22:22:30 2003
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8D8CE37B401 for ; Sat, 15 Feb 2003 22:22:27 -0800 (PST)
Received: from HAL9000.homeunix.com (12-233-57-224.client.attbi.com [12.233.57.224]) by mx1.FreeBSD.org (Postfix) with ESMTP id E9D0043F3F for ; Sat, 15 Feb 2003 22:22:24 -0800 (PST) (envelope-from dschultz@uclink.Berkeley.EDU)
Received: from HAL9000.homeunix.com (localhost [127.0.0.1]) by HAL9000.homeunix.com (8.12.6/8.12.5) with ESMTP id h1G6MOQb001808; Sat, 15 Feb 2003 22:22:24 -0800 (PST) (envelope-from dschultz@uclink.Berkeley.EDU)
Received: (from das@localhost) by HAL9000.homeunix.com (8.12.6/8.12.5/Submit) id h1G6MOsg001807; Sat, 15 Feb 2003 22:22:24 -0800 (PST) (envelope-from dschultz@uclink.Berkeley.EDU)
Date: Sat, 15 Feb 2003 22:22:24 -0800
From: David Schultz
To: John Hay
Cc: Charles Sprickman, security@FreeBSD.ORG
Subject: Re: chrooted non-priv ntpd
Message-ID: <20030216062224.GA1646@HAL9000.homeunix.com>
Mail-Followup-To: John Hay, Charles Sprickman, security@FreeBSD.ORG
References: <20030215025035.F80945@shell.inch.com> <20030216043634.GB733@HAL9000.homeunix.com> <20030216052534.GA50026@zibbi.icomtek.csir.co.za>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20030216052534.GA50026@zibbi.icomtek.csir.co.za>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Thus spake John Hay:
> Well I don't want to comment on the chroot part, but did you also bring
> these problems under the attention of the ntp people? I can't remember
> having seen anything about it on bugs@ntp.org. Preferably with patches
> against the development version. :-)))

I sent a note to David Mills back in October, but I didn't get a response.
Most of the implementation problems (in my eyes, anyway) are going to be a major pain in the butt to fix, e.g. the hundreds of uses of sprintf() and strcpy(). I assume people know about these, and there's a reason why nobody has bothered to fix them.

The crypto problem is probably not known, but simpler to fix. There's basically an off-by-one error where the last key[1] in the session key sequence generated by ntpd isn't based on the shared secret from the Diffie-Hellman exchange; it's just a random value from a PRNG seeded off of the system time. I expect it would be nearly impossible to exploit, but I could be wrong. One of these days I'll see if I still have my notes on ntpd and send off a report to bugs@ntp.org.

[1] IIRC, the keys are used in reverse order for the same reason that you use S/Key passwords in reverse order, so it's really the first key in the sequence.
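As an added illustration, not part of the mail and not ntpd's own code, the following Python models the class of defect described above: an S/Key-style session key chain that is supposed to derive entirely from the Diffie-Hellman shared secret, next to an off-by-one variant whose last generated key is left holding a PRNG value seeded from the clock, plus the consistency check that a reviewer or unit test would use to catch it. The hash function, the "chain" label, the chain length and the secret are constructed assumptions; this is a simplified hash chain, not ntpd's actual autokey scheme.

```python
import hashlib
import random
import time


def H(data: bytes) -> bytes:
    """Chain step. SHA-256 is an assumption for this model, not ntpd's choice."""
    return hashlib.sha256(data).digest()


def first_key(shared_secret: bytes) -> bytes:
    """Key 0 is bound to the shared secret; the domain label is a constructed choice."""
    return H(b"chain" + shared_secret)


def build_chain(shared_secret: bytes, n: int) -> list[bytes]:
    """Correct construction: key[0] = H(secret), key[i] = H(key[i-1]).

    Every key is therefore a deterministic function of the shared secret.
    """
    keys = [first_key(shared_secret)]
    for _ in range(1, n):
        keys.append(H(keys[-1]))
    return keys


def build_chain_off_by_one(shared_secret: bytes, n: int) -> list[bytes]:
    """Simplified model of the defect the mail describes (constructed, not ntpd code).

    The buffer is pre-filled from a PRNG seeded with the system time, then the
    derivation loop stops one element short, so key[n-1] keeps its PRNG value
    and is never tied to the shared secret.
    """
    rng = random.Random(int(time.time()))
    keys = [rng.getrandbits(256).to_bytes(32, "big") for _ in range(n)]
    keys[0] = first_key(shared_secret)
    for i in range(1, n - 1):  # off by one: should be range(1, n)
        keys[i] = H(keys[i - 1])
    return keys


def broken_links(keys: list[bytes], shared_secret: bytes) -> list[int]:
    """Return the indices of keys that do not derive from their predecessor.

    Index 0 is reported if it is not bound to the shared secret; index i > 0
    is reported if key[i] != H(key[i-1]).
    """
    bad = []
    if keys[0] != first_key(shared_secret):
        bad.append(0)
    bad.extend(i for i in range(1, len(keys)) if keys[i] != H(keys[i - 1]))
    return bad


def chain_is_consistent(keys: list[bytes], shared_secret: bytes) -> bool:
    """True only when every key in the sequence is rooted in the shared secret."""
    return broken_links(keys, shared_secret) == []


def usage_order(keys: list[bytes]) -> list[bytes]:
    """Keys are consumed in reverse order of generation, as with S/Key,
    so the last generated key is the first one actually used."""
    return list(reversed(keys))


if __name__ == "__main__":
    secret = b"constructed-shared-secret"  # stands in for the DH output
    good = build_chain(secret, 8)
    bad = build_chain_off_by_one(secret, 8)
    print("correct chain consistent:", chain_is_consistent(good, secret))
    print("buggy chain broken at:", broken_links(bad, secret))
    print("first key used is last generated:", usage_order(bad)[0] is bad[-1])
```

The check is cheap enough to run as a self-test whenever a chain is generated: a single stray index from `broken_links` is exactly the signature of the loop bound being short by one, and because the keys are used last-generated-first, that stray key is the first one a peer would see.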