The end of the beginning is in sight

Eric S. Raymond esr at thyrsus.com
Sat Jan 7 06:12:32 UTC 2017


Hal Murray <hmurray at megapathdsl.net>:
> There is an interface command in ntp.conf, and the man page refers to -I and 
> -L command line options, both deprecated.

Yes, I was planning to remove these.

> I think we need to be careful here.  Unless we understand what's really going 
> on we are likely to break something, and it might be security related.

Remember that the code *already* uses wildcard addresses as fallbacks, so any
security issues these raise have already been present for a long time.

I need to check more carefully, but I'm pretty sure the only meaning of
a non-wildcard address in ntpd is that it can be filtered by reference
to itse device.  And even that can be simulated with the destination
address extraction described in my last reply.
-- 
		<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>


More information about the devel mailing list