openntpd-openbsd

Source code pulled from OpenBSD for OpenNTPD. The place to contribute to this code is via the OpenBSD CVS tree.

reyk 707f923fe3 Move execution of the constraints from the ntp to the parent process. This helps the ntp process to a) give a better pledge(2) and to b) keep the promise of "saving the world again... on time" by removing the delays that have been introduced by expensive constraint forks. The new design offers better privsep but introduces a few more imsgs and runs a little bit more code in the privileged parent. The privileged code is minimal, carefully checked, and does not attempt to "parse" any contents; the forked constraints instantly drop all privileges and pledge to "stdio inet". OK beck@ deraadt@	8 years ago
src	Move execution of the constraints from the ntp to the parent process.	8 years ago

reyk 707f923fe3 Move execution of the constraints from the ntp to the parent process.

This helps the ntp process to a) give a better pledge(2) and to b)
keep the promise of "saving the world again... on time" by removing
the delays that have been introduced by expensive constraint forks.
The new design offers better privsep but introduces a few more imsgs
and runs a little bit more code in the privileged parent.  The
privileged code is minimal, carefully checked, and does not attempt to
"parse" any contents; the forked constraints instantly drop all
privileges and pledge to "stdio inet".
OK beck@ deraadt@

8 years ago

src

Move execution of the constraints from the ntp to the parent process.

8 years ago