Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 17 Jan 2002 00:32:23 +1100 (EST)
From:      Bruce Evans <bde@zeta.org.au>
To:        <cjclark@alum.mit.edu>
Cc:        Sheldon Hearn <sheldonh@starjuice.net>, <FreeBSD@jovi.net>, <freebsd-questions@FreeBSD.ORG>, <freebsd-arch@FreeBSD.ORG>, <bug-followup@FreeBSD.ORG>
Subject:   Re: kern/33904: secure mode bug
Message-ID:  <20020117002038.L3563-100000@gamplex.bde.org>
In-Reply-To: <20020116010937.K31328@blossom.cjclark.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 16 Jan 2002, Crist J . Clark wrote:

> On Wed, Jan 16, 2002 at 10:56:28AM +0200, Sheldon Hearn wrote:
> > Basically, we're being asked to compensate for poor conduct on the
> > part of an administrator who changed the securelevel without knowing
> > what he was doing.  We can't compensate for poor change control in our
> > documentation.
>
> I think there is a valid point. The settimeofday(2) call returns
> success even though the change requested by the call is not really
> done. This is somewhat questionable behavior. The documentation for
> settimeofday(2) was not clear about how this works under elevated
> securelevel(8), and in fact, the documentation is actually wrong
> (which I will fix shortly).

Don't forget to "fix" the Standard way to set times (clock_settime(2))
and the standard that says that clock_settime() shall set the time or
fail (POSIX).

The man pages are also misleading at best about adjtime(2) setting the
time backwards.  adjtime(2) can't go backwards fast enough to do more
than retard the advance of the time, except possibly for bugs.

The original "fix" may be moot because ntpd now uses the kernel pll
automagically by default.  Large steps by ntpdate and ntpd can't be
replaced by the kernel pll, but the don't work anyway when securelevel
> 1.

Bruce


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020117002038.L3563-100000>