From owner-freebsd-hackers  Thu Apr  1 17:26: 5 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21])
	by hub.freebsd.org (Postfix) with ESMTP id 6A9E314F98
	for <freebsd-hackers@FreeBSD.ORG>; Thu,  1 Apr 1999 17:26:00 -0800 (PST)
	(envelope-from gdonl@tsc.tdk.com)
Received: from sunrise.gv.tsc.tdk.com (root@sunrise.gv.tsc.tdk.com [192.168.241.191])
	by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id RAA11942;
	Thu, 1 Apr 1999 17:25:23 -0800 (PST)
	(envelope-from gdonl@tsc.tdk.com)
Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194])
	by sunrise.gv.tsc.tdk.com (8.8.5/8.8.5) with ESMTP id RAA16994;
	Thu, 1 Apr 1999 17:25:22 -0800 (PST)
Received: (from gdonl@localhost)
	by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id RAA29744;
	Thu, 1 Apr 1999 17:25:21 -0800 (PST)
From: Don Lewis <Don.Lewis@tsc.tdk.com>
Message-Id: <199904020125.RAA29744@salsa.gv.tsc.tdk.com>
Date: Thu, 1 Apr 1999 17:25:21 -0800
In-Reply-To: Andy Doran <ad@psn.ie>
       "Re: Suggestion: loosen slightly securelevel>1 time change restriction" (Apr  2,  1:42am)
X-Mailer: Mail User's Shell (7.2.6 alpha(3) 7/19/95)
To: Andy Doran <ad@psn.ie>, Nick Sayer <nsayer@quack.kfu.com>
Subject: Re: Suggestion: loosen slightly securelevel>1 time change restriction
Cc: freebsd-hackers@FreeBSD.ORG
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Apr 2,  1:42am, Andy Doran wrote:
} Subject: Re: Suggestion: loosen slightly securelevel>1 time change restric
} On Thu, 1 Apr 1999, Nick Sayer wrote:
} > 
} > I suggest easing up slightly on the restriction. Say, negative steps of
} > more than a minute are disallowed. It would seem to me that this would
} > let xntpd operate correctly in most cases while still denying the
} > opportunity for serious mischief to hackers desiring to wreak havoc
} > with time warps.

I think that a minute is too much.  A second or so should be plenty.
Maybe this should be a system tuneable that can't be changed when
securelevel > 0.

} What if you continiously set the time back 59 seconds? If you made this
} change, you'd need restrictions on how *often* the time is changed too.

How about preventing a negative step from setting the time back further
than the most recent negative step?


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message