On Fri, Oct 23, 2015 at 12:13:58PM +0200, Miroslav Lichvar wrote:
> I think it also creates a new problem that an attacker could spam the
> client's syslog with these messages and fill the disk. Harlan, could
> you please consider adding a rate limit for the message to prevent
> that?
I'm not sure that's an issue for ntpd to solve; syslog filling
disks is a problem that is as old as syslog writing to them. Most
modern syslog implementations support rate limitation, and some even
provide built-in log rotation and file size capping. (Or, if they
don't, the OS has already packaged scripts to handle this.)
Given that, is reinventing that particular wheel something
the reference implementation should bother doing? I see the point,
but I'm not sure this isn't already adequately solved on the host.
--msa
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
