Following a new security vulnerability in the Network Time Protocol software package, Apple has provided a software update for Mountain Lion and newer versions of OS X.
As usual, the older versions of OS X that one may be stuck with (because the hardware does not support newer versions, because one needs Rosetta, …) are not covered by the security update.
My questions are:
-
is disabling “set date and time automatically” in Software Preferences enough to ensure that ntpd is not running?
-
what might break if the ntdp binary was simply deleted for safety on OS X Snow Leopard or Lion?
In doubt I might use these instructions to limit the scope of ntpd without completely disabling/deleting it, but in this case there remains the risk of getting it wrong and leaving ntpd exposed.
Best Answer
Yes.
Here is the way to insure yourself of this. Open a
Terminal
orxterm
window.Run the following command:
and notice that you have an
ntpd
process running.Open
System Preferences
and turn offSet date and time automatically:
Check with the
ps
command above that you don't have anyntpd
process running.Don't remove the
ntpd
binary, this is not necessary and would deprive you of the chance to take advantage of a fix from Apple :).No.
This receipe will leave you with a running
ntpd
and hence exposed to an attack.