Re: [chrony-dev] shm permissions

2010-01-25 Thread Håkan Johansson 


On Mon, 25 Jan 2010, Bill Unruh wrote:


I am not sure that this is a good idea, since this would allow anyone to send
rogue data to the shm driver. It would be better to leave it at 0600 for the
chrony user ( or for root if you are using root), and let root change it if
the sysadmin wants to allow anyone to write to the shm, or at most make it a
configuration option.


It becomes a configuarion option in the sense that segments 0 and 1 use 
permissions 0600 and only segments 2 and 3 use 0666, so the level of 
trust can then be selected that way.



It is not clear to me what the scenario is where someone
other than root should be able to send data to this driver.


My scenario is that I am user on some systems where I will not get root 
permissions, so I cannot modify/restart/etc the ntpd/chronyd process, 
which I do not need.  But the sysadmins would entrust me to run e.g. gpsd 
to provide reference data.  This is useful for the further testing of gpsd 
I am doing, and the need to modify/restart gpsd doing that.


Cheers,
Håkan




On Mon, 25 Jan 2010, Håkan Johansson wrote:



Hi,

ntpd creates the shm refclock segments 2 and 3 with permissions 0666
(previously 0777), allowing also non-root users to provide synchronisation
data when these segments are set up.  The attached patch changes chrony to do
that to (currently 0700 for all segments).  It also changes the permissions
from 7 to 6, i.e. removing the useless execute-bits.

Cheers,
Håkan



--
William G. Unruh   |  Canadian Institute for| Tel: +1(604)822-3273
Physics  | Advanced Research  | Fax: +1(604)822-5324
UBC, Vancouver,BC  |   Program in Cosmology | un...@physics.ubc.ca
Canada V6T 1Z1 |  and Gravity   |  www.theory.physics.ubc.ca/

[chrony-dev] shm permissions

2010-01-25 Thread Håkan Johansson 


Hi,

ntpd creates the shm refclock segments 2 and 3 with permissions 0666 
(previously 0777), allowing also non-root users to provide synchronisation 
data when these segments are set up.  The attached patch changes chrony to 
do that to (currently 0700 for all segments).  It also changes the 
permissions from 7 to 6, i.e. removing the useless execute-bits.


Cheers,
Håkandiff --git a/refclock_shm.c b/refclock_shm.c
index b3b689b..9f46a0c 100644
--- a/refclock_shm.c
+++ b/refclock_shm.c
@@ -56,12 +56,18 @@ struct shmTime {
 };
 
 static int shm_initialise(RCL_Instance instance) {
-  int id, param;
+  int id, param, perm;
   struct shmTime *shm;
 
   param = atoi(RCL_GetDriverParameter(instance));
 
-  id = shmget(SHMKEY + param, sizeof (struct shmTime), IPC_CREAT | 0700);
+  if (param < 2) {
+perm = 0700;
+  } else {
+perm = 0777;
+  }
+
+  id = shmget(SHMKEY + param, sizeof (struct shmTime), IPC_CREAT | perm);
   if (id == -1) {
 LOG_FATAL(LOGF_Refclock, "shmget() failed");
 return 0;

[chrony-dev] [GIT] chrony/chrony.git branch, master, updated. 1.24-pre1-10-g8a00758

2010-01-25 Thread git 
This is an automated email from git. It was enerated because a ref
change was pushed to the repository "chrony/chrony.git".

The branch, master has been updated
   via  8a00758cf536fc6a1413518e443db10068efad7d (commit)
   via  15e154c09dc600f4ff4e10c6902b8902300621bc (commit)
   via  52d0c9a057ed43fda3d77bac3fe9c4ba1033e508 (commit)
  from  4593471ad5bda33ea9fc69ab3481bca505bc1025 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -
commit 8a00758cf536fc6a1413518e443db10068efad7d
Author: Miroslav Lichvar 
List-Post: chrony-dev@chrony.tuxfamily.org
Date:   Mon Jan 25 15:33:56 2010 +0100

Add makestep directive

commit 15e154c09dc600f4ff4e10c6902b8902300621bc
Author: Miroslav Lichvar 
List-Post: chrony-dev@chrony.tuxfamily.org
Date:   Mon Jan 25 13:07:13 2010 +0100

Handle immediate step in local module instead of system driver

This fixes the problem where scheduler wasn't notified about performed
steps and it also makes the command available on all supported systems.

commit 52d0c9a057ed43fda3d77bac3fe9c4ba1033e508
Author: Miroslav Lichvar 
List-Post: chrony-dev@chrony.tuxfamily.org
Date:   Thu Jan 21 17:11:17 2010 +0100

Limit timeout for end of slew to avoid overflow

---

Summary of changes:
 chrony.texi   |   32 ++--
 cmdmon.c  |9 ++---
 conf.c|   28 
 conf.h|1 +
 local.c   |   30 +-
 local.h   |2 +-
 localp.h  |5 -
 reference.c   |   21 +
 sys_linux.c   |   42 --
 sys_netbsd.c  |2 +-
 sys_solaris.c |2 +-
 sys_sunos.c   |2 +-
 12 files changed, 107 insertions(+), 69 deletions(-)


hooks/post-receive
--
chrony/chrony.git

---
To unsubscribe email chrony-dev-requ...@chrony.tuxfamily.org with "unsubscribe" 
in the subject.
For help email chrony-dev-requ...@chrony.tuxfamily.org with "help" in the 
subject.
Trouble?  Email listmas...@chrony.tuxfamily.org.

Re: [chrony-dev] shm permissions

2010-01-25 Thread Bill Unruh 

I am not sure that this is a good idea, since this would allow anyone to send
rogue data to the shm driver. It would be better to leave it at 0600 for the
chrony user ( or for root if you are using root), and let root change it if
the sysadmin wants to allow anyone to write to the shm, or at most make it a
configuration option. It is not clear to me what the scenario is where someone
other than root should be able to send data to this driver.

On Mon, 25 Jan 2010, Håkan Johansson wrote:



Hi,

ntpd creates the shm refclock segments 2 and 3 with permissions 0666 
(previously 0777), allowing also non-root users to provide synchronisation 
data when these segments are set up.  The attached patch changes chrony to do 
that to (currently 0700 for all segments).  It also changes the permissions 
from 7 to 6, i.e. removing the useless execute-bits.


Cheers,
Håkan



--
William G. Unruh   |  Canadian Institute for| Tel: +1(604)822-3273
Physics  | Advanced Research  | Fax: +1(604)822-5324
UBC, Vancouver,BC  |   Program in Cosmology | un...@physics.ubc.ca
Canada V6T 1Z1 |  and Gravity   |  www.theory.physics.ubc.ca/