Skip top menus
National Security Agency and Central Security Service with agency logos.NSA/CSS Memorial Wall
Home    About NSA    Research    Business    Careers    Public Info    History
Introduction to Research    Security-Enhanced Linux    Information Assurance Research    Technology Transfer    Publications    Related Links

>>SELinux Mailing List: by thread

Search
What's new?
Contents
Overview
What's New
Frequently Asked Questions
Background
Documentation
License
Download
Participating
Mail List
Archive Summary
Archive by Thread
Archive by Author
Archive by Date
Archive by Subject
Remaining Work
Contributors
Related Work
Press Releases
  • Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
From: Ed Clarke <clarke_at_cilia.org>
subject: ntp security policy
Date: Mon, 21 Jan 2002 16:08:55 -0500 (EST)
  • This message: [ Message body ]
  • Next message: James Griffin: "Re: ntp security policy"
  • Previous message: Lonnie Cumberland: "Re: restricted guest domain accounts"
  • Next in thread: James Griffin: "Re: ntp security policy"
  • Reply: James Griffin: "Re: ntp security policy"


Has anyone developed a security policy for ntpd? This is probably simple: 

	read access to:


		/etc/ntp.conf

		/etc/ntp/keys

	read/write access to:


		/etc/ntp/drift

but it also has enhanced privs to permit access to the system clock via adjtime(x) etc. and speaks via tcp to various external peers and servers.

I'm not sure how to start since I only got the system up and working yesterday. I'll admit that the thought of a cracker breaking into this system and being unable to use so much as an editor is slowing down my understanding of the system. It's hard to study when you can't stop giggling... 

--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
From: James Griffin <agriffin_at_cpcug.org>
subject: Re: ntp security policy
Date: Mon, 21 Jan 2002 18:51:45 -0500
  • This message: [ Message body ]
  • Next message: Justin Smith: "Gdm shut my system down"
  • Previous message: Ed Clarke: "ntp security policy"
  • In reply to: Ed Clarke: "ntp security policy"


Ed Clarke wrote:
>
> Has anyone developed a security policy for ntpd? This is probably
> simple:
>
> read access to:
> /etc/ntp.conf
> /etc/ntp/keys
> read/write access to:
> /etc/ntp/drift
>
> but it also has enhanced privs to permit access to the system clock
> via adjtime(x) etc. and speaks via tcp to various external peers and
> servers.

Correction. NTP uses UDP exclusively.

Jim
[ship] 

--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
  • Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

This archive was generated by hypermail 2.2.0 on Wed 11 Jun 2008 - 08:10:54 EDT

Information Assurance | Signals & Intelligence        Links | Accessibility | Privacy & Security