[Git][NTPsec/ntpsec][master] systemd: Do not restart
Eric S. Raymond
gitlab at mg.gitlab.com
Thu Nov 30 13:38:45 UTC 2017
Eric S. Raymond pushed to branch master at NTPsec / ntpsec
Commits:
8459d15f by Richard Laager at 2017-11-30T13:38:20+00:00
systemd: Do not restart
It is important to specify -g on the command line to allow NTP to
correct the clock on boot. However, if Restart=yes is set, a malicious
(or broken) server could send the incorrect time, trip the panic
threshold, and when ntpd restarts, serve it the incorrect time (which
would be accepted).
See page 16 here:
http://events.linuxfoundation.org/sites/events/files/slides/vangundy-ntp-security.pdf
This can probably be done by a MITM attacker too, making this
essentially the same as CVE-2015-5300.
- - - - -
1 changed file:
- etc/ntpd.service
Changes:
=====================================
etc/ntpd.service
=====================================
--- a/etc/ntpd.service
+++ b/etc/ntpd.service
@@ -11,7 +11,11 @@ Conflicts=systemd-timesyncd.service
Type=forking
PrivateTmp=true
ExecStart=/usr/sbin/ntpd -g -N -u ntp:ntp
-Restart=always
+# Specifying -g on the command line allows ntpd to make large adjustments to
+# the clock on boot. However, if Restart=yes is set, a malicious (or broken)
+# server could send the incorrect time, trip the panic threshold, and when
+# ntpd restarts, serve it the incorrect time (which would be accepted).
+Restart=no
[Install]
WantedBy=multi-user.target
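Review bot: the comment added above `Restart=no` says "if Restart=yes is set", but the directive this hunk removes is `Restart=always`; reword the comment to name `Restart=always` so the rationale matches the line it replaces. It would also help to spell out the trade-off in the same comment: with `Restart=no`, ntpd is not brought back after any exit, so an operator who wants crash recovery must not simply re-add `Restart=always` while `-g` remains in `ExecStart`, since that recreates the panic-threshold-then-restart sequence the comment describes.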
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/8459d15f8cf19a54cf149779d0d967883aa5c6b4