LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 08-29-2014, 03:00 PM   #1
StreamThreader
Member
 
Registered: Mar 2012
Location: Ukraine/Odesa
Distribution: Slackware
Posts: 152

Rep: Reputation: 64
NTP Linux Security Sandbox - libseccomp2


Important news about security in NTP.

Source http://nwtime.org/ntp-linux-security...ed-win-t-shirt

Quote:
NTP Linux Security Sandbox Testers Needed – Win a T-Shirt!

August 29, 2014 by harlan

Help improve NTP’s Linux Security Sandbox by testing this new feature, providing feedback to us, and score a chance for an NTF t-shirt!

Traditionally, one of the more secure ways to run an NTP server is to have ntpd switch to an unprivileged user, once it no longer requires special privileges.

However, this does not prevent a remote attacker from finding a security hole and then using the unprivileged user to open socket connections, fork new processes or attempt to make system calls to gain root privilege through some local exploit.

With the optional Linux security sandbox support added to NTP in 4.2.7p422 we make the attacker’s job much more difficult as the size of his playing field is significantly reduced. He can no longer do many of those attacks. The NTP sandbox makes the attacker’s job much harder as he is restricted to a very small number of system calls.

Linux Security Sandbox support for NTP is provided by libseccomp2, and this capability was added to NTP by a patch from Loganaden Velvindron of AFRINIC.

All you need to do is to have a Linux box to run the sandbox code on. Then build and run the latest development snapshot of NTP, enabling sandboxing (configure --enable-libseccomp), and then report back to us to be entered into a drawing for a “timeless” Network Time Foundation t-shirt!.

And please look my last comment about NTP article http://docs.slackware.com/talk:howto...k_services:ntp
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Yet another Java flaw allows “complete” bypass of security sandbox LXer Syndicated Linux News 0 09-26-2012 12:01 PM
ntp drift file in /etc/ntp instead of /var/lib/ntp - suggestion for a patch in Slack niels.horn Slackware 16 05-07-2009 07:35 PM
ntp security owbr4dh02 Linux - Security 13 02-08-2007 12:49 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 08:26 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration