[grsec] RLIMIT_MEMLOCK resource overstep by ntpd
Barry.Schwartz at chemoelectric.org
Barry.Schwartz at chemoelectric.org
Thu May 12 18:09:52 EDT 2005
David Cannings <lists at edeca.net> wrote:
> John Logsdon wrote:
> > (ntp-4.2.0.a.20040617-4, CentOS4, 2.6.11.7-grsec, grsec not enabled)
> >
> > I see from the PaX reply on the Gentoo hardened list (24 Jan 2005) that
> > this report is due to extending the check to userland, which seems
> > logical.
> >
> > So it appears that ntpd (running under uid/gid=38) has a problem. In
> > fact since the clock doesn't appear to have changed, this message implies
> > that ntpd hasn't worked either, which is more serious if it is true.
>
> I switched to openntpd when I had similar trouble a few months back and
> I haven't had any problems since.
I was going to write the same thing. It's easier to use than ntpd,
too, mainly because it doesn't try to do everything for everyone in
one package.
--
Barry.Schwartz at chemoelectric.org http://www.chemoelectric.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://grsecurity.net/pipermail/grsecurity/attachments/20050512/5393efcf/attachment.pgp
More information about the grsecurity
mailing list