From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux 2.2.17-14 alpha; en-US; 0.8) Gecko/20010217

Using package ntp with md5 hash:
ntp-4.0.99j-7.alpha.rpm: B4 32 03 78 86 4F 18 A3 7D 96 FE 6E B3 F7 D9 E4

ntpd apparently starts from init.d scripts fine, except for the syslog entry:

Apr 2 15:12:12 xxxxxxxx ntpd[5754]: 0.0.0.0 is inappropriate address for the fudge command, line ignored

(the fudge command exists in /etc/ntp.conf, but is not set to the 0.0.0.0 address)

With an everything-allowed access policy, it works. With a deny-by-default access policy, "ntpq -p" hangs with the following message:

127.0.0.1: timed out, nothing received
***Request timed out

despite having explicit allow access lines for both 127.0.0.1 and the machine's Ethernet IP address. Similar problems occur when using the ntpdc and ntptrace programs.

Reproducible: Always

Steps to Reproduce:
1. rpm -Uvh --force ntp-4.0.99j-7.alpha.rpm
2. Add a few servers and the lines:
   restrict default allow
   restrict 127.0.0.1
   to the top of the file /etc/ntp.conf
3. /etc/rc.d/init.d/ntpd start
4. ntpq -p
5. Change "restrict default allow" to "restrict default ignore"
6. /etc/rc.d/init.d/ntpd restart
7. ntpq -p

Actual Results:

output from step 4:

     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 0.0.0.0         0.0.0.0         16 u    -   64    0    0.000    0.000 4000.00
 xxx.xxxxxxx.gla maverick.mcc.ac  3 u   51   64    3    0.337    2.150   0.001
 xxxxx.xxxxxxx.g maverick.mcc.ac  3 u   20   64    3    0.245   -3.906   0.001
 xxxxx.xxxxxxx.g veracity.mcc.ac  3 u   13   64    3    0.280    3.043   0.003

output from step 7:

127.0.0.1: timed out, nothing received
***Request timed out

Expected Results:

step 4 produces correct output, step 7 should produce the following output (as we haven't allowed access from our servers):

     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 LOCAL(0)        LOCAL(0)        10 l   39   64    3    0.000    0.000   0.000
 xxx.xxxxxxx.gla 0.0.0.0         16 u    -   64    0    0.000    0.000 4000.00
 xxxxx.xxxxxxx.g 0.0.0.0         16 u    -   64    0    0.000    0.000 4000.00
 xxxxx.xxxxxxx.g 0.0.0.0         16 u    -   64    0    0.000    0.000 4000.00

FIX: recompile from the Source RPM using gcc-2.96-69. Install (using --force option) and restart server.

Although I've tagged this bug's severity as Security, it's a minor one. Without an access policy, unauthorised machines can alter your machines' concept of time. This is unlikely, in itself, to be a security problem, but it may prove "useful" when combined with other attacks.

NB this style of bug (network access on Alpha 164LX) is common to other bugs (gdm-xdmcp, samba) which are also solved by recompiling with gcc-2.96-69.
NTP in 7.1 has been recompiled with the newer compiler release. These packages are available via rawhide, and will of course also be in the next release.
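
An added example, not part of the original report or of the ntp package: a Python check that reads the restrict lines from steps 2 and 5 and reports whether a configuration is deny-by-default while still letting 127.0.0.1 query ntpd, which is the state the reporter expected to work. It assumes the most specific matching restrict entry applies and that `ignore` and `noquery` are the flags that block queries; the function names, the sample configurations and the `ntp1.example.org` server line are constructed for illustration.

```python
import ipaddress

# Flags that stop ntpq/ntpdc queries. "ignore" is on the page; "noquery" is
# another ntpd restrict flag, included here as an assumption of this example.
DENY_QUERY = {"ignore", "noquery"}

def parse_restrict(conf_text):
    """Return [(IPv4Network, flags)] for each numeric 'restrict' line."""
    rules = []
    for raw in conf_text.splitlines():
        tok = raw.split("#", 1)[0].split()
        if len(tok) < 2 or tok[0] != "restrict":
            continue
        addr, rest, mask = tok[1], tok[2:], "255.255.255.255"  # bare address = host
        if addr == "default":
            addr, mask = "0.0.0.0", "0.0.0.0"
        if len(rest) >= 2 and rest[0] == "mask":
            mask, rest = rest[1], rest[2:]
        try:
            net = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
        except ValueError:
            continue  # hostname or malformed entry: outside this example's scope
        rules.append((net, frozenset(rest)))
    return rules

def flags_for(rules, source):
    """Flags of the most specific entry matching source, or None if none matches."""
    ip = ipaddress.ip_address(source)
    hits = [r for r in rules if ip in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen)[1] if hits else None

def audit(conf_text, must_query=("127.0.0.1",)):
    """List departures from deny-by-default with local queries still allowed."""
    rules = parse_restrict(conf_text)
    findings = []
    default = [flags for net, flags in rules if net.prefixlen == 0]
    if not default or not (default[-1] & DENY_QUERY):
        findings.append("default policy lets any host query ntpd")
    for src in must_query:
        flags = flags_for(rules, src)
        if flags is not None and flags & DENY_QUERY:
            findings.append(f"{src} cannot query ntpd")
    return findings

# Constructed samples: the restrict lines from steps 2 and 5 of the report,
# a placeholder server line, and a variant that lacks the loopback entry.
STEP2 = "restrict default allow\nrestrict 127.0.0.1\nserver ntp1.example.org\n"
STEP5 = "restrict default ignore\nrestrict 127.0.0.1\nserver ntp1.example.org\n"
NO_LOOPBACK = "restrict default ignore\nserver ntp1.example.org\n"

if __name__ == "__main__":
    for name, conf in (("step 2", STEP2), ("step 5", STEP5), ("no loopback", NO_LOOPBACK)):
        print(name, audit(conf) or "deny-by-default, loopback may query")
```

A clean audit of the step 5 configuration combined with a timeout from "ntpq -p" points at the ntpd binary rather than at /etc/ntp.conf, which matches the recompile fix described in the report.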