In article <199808300501.BAA08612at_private>, Andy Church <achurchat_private> wrote: > In other words, if you can't manually set the clock back, get the > system to do it for you. And if the system doesn't allow the clock to > "turn over", then all sorts of things will go bonkers when the clock hits > its maximum (cron jobs, for one), turning this into a DoS of sorts. So I > don't see this as a particularly effective measure. One way I could see to > make this more effective would be to use 64-bit times and disallow both > setting the clock back and changing the top 2 bits to anything other than > zero. This would break the rollover attack without causing any premature > Y2k-like problems (2^62 seconds ~= 10^13 years). This is still a DOS of sorts, as you can set the clock to 2^62-1, and then it will be impossible to return the clock to the correct time without rebooting. Many things will probably be unhappy to find themselves 10^13 years in the future. -- Shields, CrossLink.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:14:26 PDT