On Jan 25, 10:10pm, christianbiere@gmx.de (Christian Biere) wrote:
-- Subject: Re: bin/35479: /usr/sbin/timedc fails

| The following reply was made to PR bin/35479; it has been noted by GNATS.
| 
| From: Christian Biere <christianbiere@gmx.de>
| To: gnats-bugs@NetBSD.org, netbsd-bugs@NetBSD.org
| Cc: 
| Subject: Re: bin/35479: /usr/sbin/timedc fails
| Date: Thu, 25 Jan 2007 23:16:21 +0100
| 
|  Woodchuck wrote:
|  > In other words, the OpenBSD hosts are *rejecting* a connection attempt
|  > from a privileged socket.  That makes a certain kind of paranoid sense.
|  
|  I don't see any such checks in code. Are you sure it's not just the
|  firewall? Also packets from unprivileged ports are certainly not more
|  trustworthy than those from privileged ports. If you want to differ at
|  all than it's rather vice-versa.
|  
|  > I notice that timedc is setuid 0 on NetBSD, (obviously, to get that
|  > privileged socket), but is not setuid on OpenBSD (which uses an unprivileged
|  > one).
|  
|  No, it's not just for this socket but rather for the raw socket.
|  
|  > If an unprivileged socket is appropriate, then NetBSD could also
|  > lose the setuid property, generally a good thing to lose if unnecessary.
|  
|  Can you use timedc as non-root on OpenBSD at all? I would think there's no
|  need to but I doubt not dropping privileges at all is better.

Plus you don't want random people forcing elections or even bogging down
the time server.

christos