Why admin's do not trust daemons to do their own packet filtering (was Re: Resuming the great cleanup)

Mark Atwood, Project Manager mark.atwood at ntpsec.org
Tue May 29 19:23:53 UTC 2018

We could kill the interface command, and let the usual syntax error happen.

Or we could raise a special syntax error, calling out the need to use the
packet filter instead.  Then the question becomes, is it a
warn-and-continue, or a error-and-halt?


On Tue, May 29, 2018 at 12:17 PM Eric S. Raymond via devel <devel at ntpsec.org>

> Hal Murray <hmurray at megapathdsl.net>:
> > My reading of Eric's concerns is that he doesn't want to remove a
> feature
> > that somebody is (or might be) using.
> That is currect.  But we've already removed stuff people might be using
> for infosec reasons; I get much less worried if we have that story.
> --
>                 <a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
> My work is funded by the Internet Civil Engineering Institute:
> https://icei.org
> Please visit their site and donate: the civilization you save might be
> your own.
> _______________________________________________
> devel mailing list
> devel at ntpsec.org
> http://lists.ntpsec.org/mailman/listinfo/devel

Mark Atwood
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20180529/ced01ff8/attachment.html>

More information about the devel mailing list