From owner-cvs-all Sun May 9 22:45:18 1999 Delivered-To: cvs-all@freebsd.org Received: from quack.kfu.com (quack.kfu.com [170.1.70.2]) by hub.freebsd.org (Postfix) with ESMTP id 776E714D0B; Sun, 9 May 1999 22:45:14 -0700 (PDT) (envelope-from nsayer@medusa.kfu.com) Received: from medusa.kfu.com (medusa.kfu.com [170.1.70.5]) by quack.kfu.com (8.9.2/8.8.5) with ESMTP id WAA28964; Sun, 9 May 1999 22:45:14 -0700 (PDT) Received: (from nsayer@localhost) by medusa.kfu.com (8.9.2/8.8.8) id WAA25334; Sun, 9 May 1999 22:45:13 -0700 (PDT) (envelope-from nsayer) From: Nick Sayer Message-Id: <199905100545.WAA25334@medusa.kfu.com> Subject: Re: cvs commit: src/sys/kern kern_time.c In-Reply-To: <199905100537.PAA10793@godzilla.zeta.org.au> from Bruce Evans at "May 10, 1999 3:37: 9 pm" To: bde@zeta.org.au (Bruce Evans) Date: Sun, 9 May 1999 22:45:13 -0700 (PDT) Cc: bde@zeta.org.au, nsayer@quack.kfu.com, cvs-all@FreeBSD.org, cvs-committers@FreeBSD.org, nsayer@FreeBSD.org X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk > >> Use the standard xntpd options SLEWALWAYS and maybe FORCE_NTPDATE_STEP. > > > >Then those should be defined in the xntpd that is supplied by default, > >otherwise the default configuration of FreeBSD will not keep time > >correctly when securelevel>0 (without this patch, that is). > > > >Can I take it, then, that you are in favor of commiting that and then > >outlawing settimeofday() when securelevel>0? > > Not in RELENG_3. So you're in favor of RELENG_3 having broken timekeeping then? I'm not sure I understand. > ISTR that someone said that newer versions of xntpd have a runtime switch > for the slewing behaviour. Then at the very least it should be documented somewhere that such a version (in a port, perhaps?) is required for securelevel>0. But in no way does that excuse leaving broken functionality in RELENG_3 (which was what was there before). The code that was there MASQUERADED as a security fix, in that it hand-waved not allowing negative time steps while not in actual fact preventing them. That same phony security precaution actually made the standard configuration break badly when the code was exercised. Who wins in keeping that around until 4.0-RELEASE? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message