[chrony-dev] Changing default bindcmdaddress



I think the current code is close to being ready for a new prerelease.
Because there were significant changes in the code (e.g. update to
NTPv4), I'll bump the version to 2.0.

I thought it might be a good opportunity to change the default
bindcmdaddress to 127.0.0.1/::1 to bind to the loopback interface
instead of wildcard. The chrony.conf.example2 file shipped in the
chrony tarball does set bindcmdaddress, but probably not everyone is
using it. This should improve security, as chronyd will not by
default be getting any remote cmdmon packets; they will be dropped in the
kernel.

The latest code doesn't open the NTP server port until a remote
address is allowed by the allow directive (or a peer or the broadcast
mode is enabled), so with this change an empty config would mean no
remote packets can get to chronyd. That I think would be a very nice
improvement.

Users that do want to access chronyd remotely will need to set the
bindcmdaddress back to 0.0.0.0/:: in addition to allowing a remote
address with cmdallow.

Does this sound reasonable?

-- 
Miroslav Lichvar
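The following is an added example, not code from chrony or from the message above: a small Python audit that reads a chrony.conf and reports how the cmdmon socket is exposed under the rule described in this message. The three configurations are constructed for illustration; the status labels ("loopback-only", "socket-exposed", "remote-reachable") are my own; the pre-2.0 wildcard default and the loopback default come from the message; treating a bare `cmdallow` as admitting every address is an assumption modelled on the `allow` directive.

```python
import ipaddress

# Constructed example configurations (not files shipped with chrony).
OLD_DEFAULT_CONF = """
# No bindcmdaddress: before this change chronyd bound cmdmon to the wildcard address.
server ntp.example.org iburst
"""

LOOPBACK_CONF = """
bindcmdaddress 127.0.0.1
bindcmdaddress ::1
server ntp.example.org iburst
"""

REMOTE_ADMIN_CONF = """
# Remote management deliberately enabled: wildcard bind plus a cmdallow.
bindcmdaddress 0.0.0.0
bindcmdaddress ::
cmdallow 192.0.2.0/24
server ntp.example.org iburst
"""

COMMENT_CHARS = ("#", "%", ";", "!")   # chrony.conf comment line markers


def parse_directives(text):
    """Yield (directive, args) for each non-comment line of a chrony.conf."""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(COMMENT_CHARS):
            continue
        parts = line.split()
        yield parts[0].lower(), parts[1:]


def _cmdallow_is_local_only(args):
    """True when a cmdallow entry only admits the local host."""
    # Assumption: 'cmdallow' with no address behaves like 'allow' and admits everything.
    if not args:
        return False
    target = args[-1]            # skip an optional leading 'all' keyword
    if target.lower() in ("all", "localhost"):
        return target.lower() == "localhost"
    try:
        return ipaddress.ip_network(target, strict=False).is_loopback
    except ValueError:
        return False             # unparseable entry: assume it admits remote hosts


def cmdmon_exposure(text, pre_2_0_default=False):
    """Classify cmdmon exposure from bindcmdaddress and cmdallow directives."""
    binds, cmdallows = [], []
    for directive, args in parse_directives(text):
        if directive == "bindcmdaddress" and args:
            try:
                binds.append(ipaddress.ip_address(args[0]))
            except ValueError:
                pass             # non-IP argument (e.g. a socket path in later versions)
        elif directive == "cmdallow":
            cmdallows.append(args)
    if not binds:
        # Default when the directive is absent: wildcard before 2.0, loopback from 2.0 on.
        defaults = ("0.0.0.0", "::") if pre_2_0_default else ("127.0.0.1", "::1")
        binds = [ipaddress.ip_address(a) for a in defaults]
    remote_cmdallow = [a for a in cmdallows if not _cmdallow_is_local_only(a)]
    if all(b.is_loopback for b in binds):
        status = "loopback-only"       # remote cmdmon packets are dropped in the kernel
    elif remote_cmdallow:
        status = "remote-reachable"    # socket open and a remote address is allowed
    else:
        status = "socket-exposed"      # packets reach chronyd but cmdallow rejects them
    return {"status": status,
            "bind": [str(b) for b in binds],
            "cmdallow": [" ".join(a) for a in cmdallows]}


if __name__ == "__main__":
    for name, conf, old in (("old default", OLD_DEFAULT_CONF, True),
                            ("new default", OLD_DEFAULT_CONF, False),
                            ("loopback", LOOPBACK_CONF, False),
                            ("remote admin", REMOTE_ADMIN_CONF, False)):
        print(name, cmdmon_exposure(conf, pre_2_0_default=old))
```

The "socket-exposed" case is the one the default change removes: with a wildcard bind and no remote cmdallow, packets still reach chronyd's parser before being rejected, whereas a loopback bind never lets them past the kernel.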
