[time-nuts] future NTP programs...

David C. Partridge david.partridge at perdrix.co.uk
Tue Nov 11 04:04:29 EST 2014

> it would not be OK to design a daemon which handles the crypto stuff or the control packets in a root-process, those should go in a sandbox.

Absolutely agree, in my previous life in the data security arena (crypto, data security, white hat tester etc..), doing that sort of thing in a privileged process or similar (e.g. kernel) was a seriously discouraged - far too great a risk of compromise.  Keep it all in a user state process with NO write access to anything except the communications port (serial / UDP / TCP / w.h.y.) it is talking on.

David Partridge 

More information about the time-nuts mailing list