Thanks for the report, nice thinking.
But then OTOH we would break lots of use cases where a network admin
needs to change things by default and they are meant to continue to
work.
I think the user needs to be able to opt-out of that to be even more
secure, just as you can change the initial fallback connection. But that
could not be the default to not break many cases out there.
Lukas can you have a look at documenting how to "harden" the default we
ship to be even more secure e.g. against this change through dhcp.
** Tags removed: server-triage-discuss
** Changed in: chrony (Ubuntu)
Assignee: (unassigned) => Lukas Märdian (slyon)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2115565
Title:
Secure config still picks up DHCP-advertised server
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chrony/+bug/2115565/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
