Revision 51922cb7
Added by Renato Botelho over 11 years ago
| etc/inc/system.inc | ||
|---|---|---|
| 1315 | 1315 |
$ntpcfg .= "statsdir {$statsdir}\n";
|
| 1316 | 1316 |
$ntpcfg .= "logconfig =syncall +clockall\n"; |
| 1317 | 1317 |
$ntpcfg .= "driftfile {$driftfile}\n";
|
| 1318 |
$ntpcfg .= "restrict default kod nomodify notrap nopeer\n"; |
|
| 1319 |
$ntpcfg .= "restrict -6 default kod nomodify notrap nopeer\n"; |
|
| 1318 |
$ntpcfg .= "restrict default kod limited nomodify notrap nopeer\n";
|
|
| 1319 |
$ntpcfg .= "restrict -6 default kod limited nomodify notrap nopeer\n";
|
|
| 1320 | 1320 |
|
| 1321 | 1321 |
if (empty($config['ntpd']['interface'])) |
| 1322 | 1322 |
if (is_array($config['installedpackages']['openntpd']) && !empty($config['installedpackages']['openntpd']['config'][0]['interface'])) |
Also available in: Unified diff
Add 'limited' to ntpd restrict list to workaround CVE-2013-5211. It fixes #3384