Why admin's do not trust daemons to do their own packet filtering (was Re: Resuming the great cleanup)

Eric S. Raymond esr at thyrsus.com
Tue May 29 20:17:36 UTC 2018

Gary E. Miller via devel <devel at ntpsec.org>:
> > This opens a can of worms, though.  Should we drop the entire
> > interface command?
> Yes, after years of deprecation.  At least to start we want to be drop=in
> replacement for NTP Classic.

I think you're now trying to have things both ways.  If we drop filtering
by name we're already compromising "drop-in replacement".  I'm OK with
doing this if there's a solid security reason for it that we can tell people
who might get annoyed.

The point of *this* part of the discussion is that if we accept Mark's
security rationale (which I don't disagree with) then *every* form of
userspace packet filtering NTP does is a defect and should be flushed.

Please either choose one drop/no-drop or explain why these cases
should be treated separately.
		<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>

My work is funded by the Internet Civil Engineering Institute: https://icei.org
Please visit their site and donate: the civilization you save might be your own.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20180529/48d4295c/attachment.bin>

More information about the devel mailing list