From owner-freebsd-arch  Wed Jan 16  1:10: 6 2002
Delivered-To: freebsd-arch@freebsd.org
Received: from avocet.prod.itd.earthlink.net (avocet.mail.pas.earthlink.net [207.217.120.50])
	by hub.freebsd.org (Postfix) with ESMTP
	id 95E3F37B427; Wed, 16 Jan 2002 01:09:51 -0800 (PST)
Received: from dialup-209.245.128.158.dial1.sanjose1.level3.net ([209.245.128.158] helo=blossom.cjclark.org)
	by avocet.prod.itd.earthlink.net with esmtp (Exim 3.33 #1)
	id 16Qm4l-0006Wb-00; Wed, 16 Jan 2002 01:09:44 -0800
Received: (from cjc@localhost)
	by blossom.cjclark.org (8.11.6/8.11.3) id g0G99dV34320;
	Wed, 16 Jan 2002 01:09:39 -0800 (PST)
	(envelope-from cjc)
Date: Wed, 16 Jan 2002 01:09:37 -0800
From: "Crist J . Clark" <cristjc@earthlink.net>
To: Sheldon Hearn <sheldonh@starjuice.net>
Cc: FreeBSD@jovi.net, freebsd-questions@FreeBSD.ORG,
	freebsd-arch@FreeBSD.ORG, bug-followup@FreeBSD.ORG
Subject: Re: kern/33904: secure mode bug
Message-ID: <20020116010937.K31328@blossom.cjclark.org>
Reply-To: cjclark@alum.mit.edu
References: <20020115210303.E31328@blossom.cjclark.org> <98823.1011171388@axl.seasidesoftware.co.za>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <98823.1011171388@axl.seasidesoftware.co.za>; from sheldonh@starjuice.net on Wed, Jan 16, 2002 at 10:56:28AM +0200
X-URL: http://people.freebsd.org/~cjc/
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-arch.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-arch>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-arch>
X-Loop: FreeBSD.ORG

On Wed, Jan 16, 2002 at 10:56:28AM +0200, Sheldon Hearn wrote:
> 
> 
> On Tue, 15 Jan 2002 21:03:03 PST, "Crist J . Clark" wrote:
> 
> > On Tue, Jan 15, 2002 at 03:03:42PM -0500, FreeBSD@jovi.net wrote:
> > > It would help to document or fix date/ntpdate/ntpd/...
> > 
> > ntpdate(8) and ntpd(8) are contributed software. As far as I can tell,
> > FreeBSD uses "virgin" imports. There is no local customization of the
> > code. Maintaining local modifications to code maintained by outside
> > vendors is expensive and therefore needs a lot of justification.
> 
> And that's not the point. :-)
> 
> Basically, we're being asked to compensate for poor conduct on the
> part of an administrator who changed the securelevel without knowing
> what he was doing.  We can't compensate for poor change control in our
> documentation.

I think there is a valid point. The settimeofday(2) call returns
success even though the change requested by the call is not really
done. This is somewhat questionable behavior. The documentation for
settimeofday(2) was not clear about how this works under elevated
securelevel(8), and in fact, the documentation is actually wrong
(which I will fix shortly).
-- 
"It's always funny until someone gets hurt. Then it's hilarious."

Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message