Date: Sat, 15 Feb 2003 22:22:24 -0800
From: David Schultz <dschultz@uclink.Berkeley.EDU>
To: John Hay <jhay@icomtek.csir.co.za>
Cc: Charles Sprickman <spork@inch.com>, security@FreeBSD.ORG
Subject: Re: chrooted non-priv ntpd
Message-ID: <20030216062224.GA1646@HAL9000.homeunix.com>
In-Reply-To: <20030216052534.GA50026@zibbi.icomtek.csir.co.za>
References: <20030215025035.F80945@shell.inch.com> <20030216043634.GB733@HAL9000.homeunix.com> <20030216052534.GA50026@zibbi.icomtek.csir.co.za>

Thus spake John Hay <jhay@icomtek.csir.co.za>:
> Well I don't want to comment on the chroot part, but did you also bring
> these problems under the attention of the ntp people? I can't remember
> having seen anything about it on bugs@ntp.org. Preferably with patches
> against the development version. :-)))

I sent a note to David Mills back in October, but I didn't get a
response. Most of the implementation problems (in my eyes, anyway)
are going to be a major pain in the butt to fix, e.g. the hundreds
of uses of sprintf() and strcpy(). I assume people know about
these, and there's a reason why nobody has bothered to fix them.

The crypto problem is probably not known, but simpler to fix.
There's basically an off-by-one error where the last key[1] in the
session key sequence generated by ntpd isn't based on the shared
secret from the Diffie-Hellman exchange; it's just a random value
from a PRNG seeded off of the system time. I expect it would be
nearly impossible to exploit, but I could be wrong. One of these
days I'll see if I still have my notes on ntpd and send off a
report to bugs@ntp.org.

[1] IIRC, the keys are used in reverse order for the same reason
    that you use S/Key passwords in reverse order, so it's really
    the first key in the sequence.
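
The S/Key-style reverse key ordering mentioned in the message above, as an added Python sketch that is not part of the original e-mail and is not ntpd's code. It models a generic one-way hash chain and shows why every key in it is only as secret as the chain's seed; SHA-256, HMAC as the derivation, all function names and the sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import random

def build_chain(seed: bytes, n: int) -> list:
    """Return [k0..kn] with k0 = seed and k_i = SHA-256(k_{i-1})."""
    chain = [seed]
    for _ in range(n):
        chain.append(hashlib.sha256(chain[-1]).digest())
    return chain

def verify_disclosure(anchor: bytes, disclosed: bytes, steps: int) -> bool:
    """True if hashing `disclosed` `steps` times reproduces the trusted anchor."""
    value = disclosed
    for _ in range(steps):
        value = hashlib.sha256(value).digest()
    return hmac.compare_digest(value, anchor)

def replay_reverse(chain: list) -> list:
    """Use keys last-to-first, as with S/Key: each accepted key becomes the
    new anchor, so seeing key i never reveals the still-unused key i-1."""
    anchor, results = chain[-1], []
    for key in reversed(chain[:-1]):
        results.append(verify_disclosure(anchor, key, 1))
        anchor = key
    return results

def seed_from_secret(shared_secret: bytes, context: bytes) -> bytes:
    """Seed bound to a negotiated secret (assumed derivation: HMAC-SHA-256)."""
    return hmac.new(shared_secret, context, hashlib.sha256).digest()

def seed_from_clock(timestamp: int) -> bytes:
    """Seed from a non-cryptographic PRNG seeded with the time: fully
    determined by the timestamp, independent of any shared secret."""
    return random.Random(timestamp).getrandbits(256).to_bytes(32, "big")

if __name__ == "__main__":
    # Constructed sample values, not taken from ntpd or the e-mail.
    good = build_chain(seed_from_secret(b"constructed-dh-secret", b"session-1"), 4)
    print("reverse-order disclosures verify:", all(replay_reverse(good)))
    # The clock-seeded chain is reproducible from the timestamp alone.
    t = 1000000000
    same = build_chain(seed_from_clock(t), 4) == build_chain(seed_from_clock(t), 4)
    print("clock-seeded chain depends only on the time:", same)
```

Because the last key used is the seed itself, a review of such a scheme should confirm that the seed, and not only the later links, is derived from the shared secret or from a cryptographically secure random source.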