[tor-bugs] #3374 [Torouter]: Torouter OS and configuration

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Sat Jun 11 19:44:28 UTC 2011 

#3374: Torouter OS and configuration
----------------------+-----------------------------------------------------
 Reporter:  runa      |          Owner:  runa
     Type:  task      |         Status:  new 
 Priority:  normal    |      Milestone:      
Component:  Torouter  |        Version:      
 Keywords:            |         Parent:      
   Points:            |   Actualpoints:      
----------------------+-----------------------------------------------------

Comment(by cypherpunks):

 Replying to [comment:20 gilles]:
 > Replying to [comment:11 rransom]:
 > > > > An alternative that I trust less is OpenNTPD but it is already
 packaged:
 > > {{{
 > > openntpd
 > > }}}
 > > >
 > > > Why do you trust it less?
 > >
 > > clockspeed was written by DJB, and is ''very'' unlikely to have
 security holes.  clockspeed also appears to use less frequent network
 queries than NTP clients would, although it might not behave properly on a
 computer with CPU frequency scaling.

 Yep. Also, I think is probably better for an embedded client.

 > Just to set the record straight OpenNTPD is written by the same people
 who write OpenSSH (which you seem to trust). I may have misunderstood your
 comment about clockspeed but it seemed to imply OpenNTPD was less
 trustable *just* because DJB didn't write it, that seems a bit irrational.
 OpenNTPD has privileges separation, runs chrooted under an unprivileged
 user, has a secure design and no bad security history.

 I trust OpenSSH within a very small window of attack surface. It is not
 perfect software and no person other than djb can even come close to
 writing near-perfect network security software. See qmail for an example.

 OpenNTPD does have privilege separation, run with a chroot, run as a non-
 root user, and so on. I use it on some systems. I would still feel safer
 using djb software based on his total history of software development, I
 don't really think the history of OpenBSD or OpenSSH is as taint free as
 his. I don't think that's irrational.

 With that said, I think OpenNTPD is probably fine, my personal preference
 would be to use djb's code if I did not have time to analysis or audit
 *either* of them.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3374#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list