Richard B. Gilbert wrote: > Hal Murray wrote: > >>> Old vulnerabilities that have been fixed are not a problem of much >>> concern to me. I run a recent version of ntpd that does not exhibit >>> these vulnerabilities. If people chose, for whatever reason, to run >>> a ten year old version of ntpd they must accept the associated risks >>> and inferior performance. Since the modern, improved and fixed >>> version is freely available to all I don't see any reason why anyone >>> who needs NTP and is concerned about security should not run it. >> >> >> >> How about: >> If it ain't broke, don't fix it. >> >> Lots of people get their version of (x)ntp from their hardware >> vendor. Most of them are not time geeks, they just need something >> that's good enough. They depend on their vendor to fix security >> problems in packages like ntp. >> > > Perhaps the vendors do fix security problems. If so, the simplest > approach, for most, would be to grab an up to date copy of the reference > implementation, build it, and distribute it. Clearly most vendors do > not do this! In the case of OpenVMS it is understandable since the > reference implementation contains enough "Unixisms" that it will not > build on VMS (I've tried). For Solaris and Linux the build should be > straightforward. I expect that the build for AIX and HP-UX should also > be straightforward. Suse forex ( as of 9.1 through 10.1 ) are still based in ntp-stable-4.2.0a-20050816.tar.bz2 with a plethora of patches. : -rw-r--r-- 1 root root 187 2006-01-26 11:22 conf.logrotate.ntp -rw-r--r-- 1 root root 2023 2006-01-26 11:22 conf.ntp.conf -rw-r--r-- 1 root root 6326 2006-01-26 11:22 conf.ntp.init -rw-r--r-- 1 root root 310 2006-01-26 11:22 conf.ntp.reg -rw-r--r-- 1 root root 2543 2006-01-26 11:22 conf.sysconfig.ntp -rw-r--r-- 1 root root 430 2006-01-26 11:22 conf.sysconfig.syslog-ntp -rw-r--r-- 1 root root 251 2006-06-29 14:30 NetworkManager-ntp -rw-r--r-- 1 root root 519 2006-01-26 11:22 ntp.1.gz -rw-r--r-- 1 root root 327 2006-01-26 11:22 ntp-4.1.1.SuSE-Config.diff -rw-r--r-- 1 root root 6949 2006-01-26 11:22 ntp-4.2.0a-no_ipv6_stack.diff -rw-r--r-- 1 root root 1532 2006-01-26 11:22 ntp-4.2.0.ntpdate_overflow.diff -rw-r--r-- 1 root root 23909 2006-01-26 11:22 ntp-4.2.0-rh-manpages.tar.gz -rw-r--r-- 1 root root 25894 2006-01-26 11:22 ntp-codecleanup.patch -rw-r--r-- 1 root root 406 2006-01-26 11:22 ntpd-maxmonmen.patch -rw-r--r-- 1 root root 1635 2006-01-26 11:22 ntpd-using_wrong_group.diff -rw-r--r-- 1 root root 271146 2004-03-05 18:35 NTP-FAQ-3.4.tar.bz2 -rw-r--r-- 1 root root 780 2006-01-26 11:22 ntp-linuxcaps.diff -rw-r--r-- 1 root root 2273 2006-01-26 11:22 ntp-manpages.patch -rw-r--r-- 1 root root 1995 2006-01-26 11:22 ntp-ntptrace_doc.diff -rw-r--r-- 1 root root 243 2006-01-26 11:22 ntp-ntptrace_sbinpath.diff -rw-r--r-- 1 root root 292 2006-01-26 11:22 ntp-segfault_on_invalid_device.d iff -rw-r--r-- 1 root root 634 2006-01-26 11:22 ntp-stable-4.2.0a-20050816-locon ly.patch -rw-r--r-- 1 root root 2112658 2006-01-26 11:22 ntp-stable-4.2.0a-20050816.tar.b z2 -rw-r--r-- 1 root root 521 2006-01-26 11:22 README.SUSE -rw-r--r-- 1 root root 756 2006-01-26 11:22 xntp-lib64.patch -rw-r--r-- 1 root root 670 2006-01-26 11:22 xntp-posix_options.diff
uwe _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
