Found it: https://lists.ntpsec.org/pipermail/devel/2019-February/007659.html
From: Richard Laager Subject: Is it time to drop seccomp? Here is the key chunk. Thanks Richard!! I think the setuid/setcap as described above is dangerous. Unless you limit the permissions on "other" (e.g. chmod 2700 or 2750), any user will be able to execute ntpd (with a config file of their choice) and have it set the system time! Also, you probably don't want the ntp user to be able to modify the ntpd executable, so you would probably want 2500 or 2550 as the mode. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org https://lists.ntpsec.org/mailman/listinfo/devel
