On 01/07/2017 09:33 AM, Mart van de Wege wrote:
Turns out the Debian default is indeed to provide time service if you
install NTP. Shouldn't that be limited to localhost only, so that an
admin must deliberately open up the service if they want to provide NTP
service to the outside world?
Did you install any package that suggested or depended on the ntp package? Because on my system, the ntp package is not installed. ntp is handled by systemd-timesyncd. So the current Debian installer does not install the ntp by default in my opinion.
I downloaded the ntp_4.2.6.p5+dfsg-7+deb8u2_amd64 package and looked into the /etc/ntp.conf and it is restricted to 127.0.0.1 and ::1 by default.
I thought of opening a bug, but I'd like a second opinion
first. Thoughts anyone?
I think you should give us a little more details before filing a bug report (what did you install, which files did you change, ...).
-- Michael