Why admin's do not trust daemons to do their own packet filtering (was Re: Resuming the great cleanup)
rlaager at wiktel.com
Tue May 29 20:28:20 UTC 2018
On 05/29/2018 03:17 PM, Eric S. Raymond via devel wrote:
> The point of *this* part of the discussion is that if we accept Mark's
> security rationale (which I don't disagree with) then *every* form of
> userspace packet filtering NTP does is a defect and should be flushed.
Choosing _which_ interfaces to listen() on at all is not userspace
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 455 bytes
Desc: OpenPGP digital signature
More information about the devel