Why admin's do not trust daemons to do their own packet filtering (was Re: Resuming the great cleanup)
Mark Atwood, Project Manager
mark.atwood at ntpsec.org
Tue May 29 19:23:53 UTC 2018
We could kill the interface command, and let the usual syntax error happen.
Or we could raise a special syntax error, calling out the need to use the
packet filter instead. Then the question becomes, is it a
warn-and-continue, or a error-and-halt?
..m
On Tue, May 29, 2018 at 12:17 PM Eric S. Raymond via devel <devel at ntpsec.org>
wrote:
> Hal Murray <hmurray at megapathdsl.net>:
> > My reading of Eric's concerns is that he doesn't want to remove a
> feature
> > that somebody is (or might be) using.
>
> That is currect. But we've already removed stuff people might be using
> for infosec reasons; I get much less worried if we have that story.
> --
> <a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
>
> My work is funded by the Internet Civil Engineering Institute:
> https://icei.org
> Please visit their site and donate: the civilization you save might be
> your own.
>
>
> _______________________________________________
> devel mailing list
> devel at ntpsec.org
> http://lists.ntpsec.org/mailman/listinfo/devel
>
--
Mark Atwood
http://about.me/markatwood
+1-206-604-2198
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20180529/ced01ff8/attachment.html>
More information about the devel
mailing list