From: Martin Pitt <martin.pitt@canonical.com>
Subject: do not set CAP_SYS_TIME as inheritable
Bug: http://bugs.ntp.org/1432
Bug-Debian: http://bugs.debian.org/282941
Bug-Debian: http://bugs.debian.org/298059

Index: ntp-4.2.6+dfsg/ntpd/ntpd.c
===================================================================
--- ntp-4.2.6+dfsg.orig/ntpd/ntpd.c	2009-12-25 12:21:32.000000000 +0000
+++ ntp-4.2.6+dfsg/ntpd/ntpd.c	2009-12-25 12:21:32.000000000 +0000
@@ -1015,8 +1015,8 @@
 			 */
 			cap_t caps;
 			char *captext = (interface_interval)
-				? "cap_sys_time,cap_net_bind_service=ipe"
-				: "cap_sys_time=ipe";
+				? "cap_sys_time,cap_net_bind_service=pe"
+				: "cap_sys_time=pe";
 			if( ! ( caps = cap_from_text( captext ) ) ) {
 				msyslog( LOG_ERR, "cap_from_text() failed: %m" );
 				exit(-1);