Re: [tor-bugs] #3374 [Torouter]: Torouter OS and configuration

["Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>]

#3374: Torouter OS and configuration
----------------------+-----------------------------------------------------
 Reporter:  runa      |          Owner:  runa
     Type:  task      |         Status:  new 
 Priority:  normal    |      Milestone:      
Component:  Torouter  |        Version:      
 Keywords:            |         Parent:      
   Points:            |   Actualpoints:      
----------------------+-----------------------------------------------------

Comment(by gilles):

 Replying to [comment:11 rransom]:
 > > > An alternative that I trust less is OpenNTPD but it is already
 packaged:
 > {{{
 > openntpd
 > }}}
 > >
 > > Why do you trust it less?
 >
 > clockspeed was written by DJB, and is ''very'' unlikely to have security
 holes.  clockspeed also appears to use less frequent network queries than
 NTP clients would, although it might not behave properly on a computer
 with CPU frequency scaling.

 Just to set the record straight OpenNTPD is written by the same people who
 write OpenSSH (which you seem to trust). I may have misunderstood your
 comment about clockspeed but it seemed to imply OpenNTPD was less
 trustable *just* because DJB didn't write it, that seems a bit irrational.
 OpenNTPD has privileges separation, runs chrooted under an unprivileged
 user, has a secure design and no bad security history.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3374#comment:20>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs