[arch-general] Leap seconds ntp and chrony?
Gaetan Bisson
bisson at archlinux.org
Tue Jul 3 21:27:25 EDT 2012
[2012-07-04 00:22:25 +0100] Kevin Chadwick:
> I think I've been quite clear, similar to negative coding.
You haven't, similar to people spreading FUD.
Feel free to share your deep knowledge and thorough understanding of NTP
with us ignorants by contributing to this neat little project you might
have heard of, Wikipedia:
http://en.wikipedia.org/wiki/Network_Time_Protocol#Security_concerns
> OpenBSD has a security measure called securelevel which if raised from
> one to two prevents even root setting the clock backwards or near
> overflow as this can have consequences for the entropy pool. They also
> put in place measures to reduce client time leakage. The obvious point
> I ignored is network exploits as clock adjustment is a root process,
> which is why OpenBSDs implements priviledge seperation and chroot.
So what? You want to switch to OpenBSD? Please do.
> Explain why that matters for the usual case which is logging. I have
> servers some offline from which I can cross reference the logs. Do
> you... can you.. would you check your logs to the nanosecond and who
> said I worried. requirements, benefits and threats.
So because you don't need NTP nobody does? Educate yourself at:
http://en.wikipedia.org/wiki/Clock_synchronization#Problems
> Quas dederis solas semper habebis opes.
Subsiste sermonem statim.
--
Gaetan
More information about the arch-general
mailing list