Date: Fri, 2 Apr 1999 01:42:56 +0100 (IST) From: Andy Doran <ad@psn.ie> To: Nick Sayer <nsayer@quack.kfu.com> Cc: freebsd-hackers@freebsd.org Subject: Re: Suggestion: loosen slightly securelevel>1 time change restriction Message-ID: <Pine.BSF.4.05.9904020140100.385-100000@vmunix.psn.ie> In-Reply-To: <199904020033.QAA09981@medusa.kfu.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 1 Apr 1999, Nick Sayer wrote: > > I suggest easing up slightly on the restriction. Say, negative steps of > more than a minute are disallowed. It would seem to me that this would > let xntpd operate correctly in most cases while still denying the > opportunity for serious mischief to hackers desiring to wreak havoc > with time warps. > What if you continiously set the time back 59 seconds? If you made this change, you'd need restrictions on how *often* the time is changed too. Also, xntpd/ntpdate would have to be intelligent enough to know that it can't set the time back more than the limit. Andy. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9904020140100.385-100000>