- markus@cvs.openbsd.org 2002/05/15 21:02:53
[servconf.c sshd.8 sshd_config]
disable privsep and enable setuid for the 3.2.2 release
This commit is contained in:
Ben Lindstrom
parent
c57bbf158d
commit
c5c15dde32
|
|
@ -39,6 +39,9 @@
|
|||
[ssh.1 sshd.8]
|
||||
Kill/adjust r(login|exec)d? references now that those are no longer in
|
||||
the tree.
|
||||
- markus@cvs.openbsd.org 2002/05/15 21:02:53
|
||||
[servconf.c sshd.8 sshd_config]
|
||||
disable privsep and enable setuid for the 3.2.2 release
|
||||
- (bal) Fixed up PAM case. I think.
|
||||
- (bal) Clarified openbsd-compat/*-cray.* Licence provided by Wendy
|
||||
|
||||
|
|
@ -645,4 +648,4 @@
|
|||
- (stevesk) entropy.c: typo in debug message
|
||||
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
|
||||
|
||||
$Id: ChangeLog,v 1.2132 2002/05/15 21:36:45 mouring Exp $
|
||||
$Id: ChangeLog,v 1.2133 2002/05/15 21:37:34 mouring Exp $
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: servconf.c,v 1.108 2002/05/04 02:39:35 deraadt Exp $");
|
||||
RCSID("$OpenBSD: servconf.c,v 1.109 2002/05/15 21:02:52 markus Exp $");
|
||||
|
||||
#if defined(KRB4)
|
||||
#include <krb.h>
|
||||
|
|
@ -250,9 +250,9 @@ fill_default_server_options(ServerOptions *options)
|
|||
if (options->authorized_keys_file == NULL)
|
||||
options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
|
||||
|
||||
/* Turn privilege separation on by default */
|
||||
/* Turn privilege separation _off_ by default */
|
||||
if (use_privsep == -1)
|
||||
use_privsep = 1;
|
||||
use_privsep = 0;
|
||||
}
|
||||
|
||||
/* Keyword tokens. */
|
||||
|
|
|
|||
4
sshd.8
4
sshd.8
|
|
@ -34,7 +34,7 @@
|
|||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $OpenBSD: sshd.8,v 1.180 2002/05/06 23:34:33 millert Exp $
|
||||
.\" $OpenBSD: sshd.8,v 1.181 2002/05/15 21:02:53 markus Exp $
|
||||
.Dd September 25, 1999
|
||||
.Dt SSHD 8
|
||||
.Os
|
||||
|
|
@ -852,7 +852,7 @@ another process will be created that has the privilege of the authenticated
|
|||
user. The goal of privilege separation is to prevent privilege
|
||||
escalation by containing any corruption within the unprivileged processes.
|
||||
The default is
|
||||
.Dq yes .
|
||||
.Dq no .
|
||||
.It Cm VerifyReverseMapping
|
||||
Specifies whether
|
||||
.Nm
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# $OpenBSD: sshd_config,v 1.52 2002/05/04 02:39:35 deraadt Exp $
|
||||
# $OpenBSD: sshd_config,v 1.53 2002/05/15 21:02:53 markus Exp $
|
||||
|
||||
# This is the sshd server system-wide configuration file. See sshd(8)
|
||||
# for more information.
|
||||
|
|
@ -80,7 +80,7 @@
|
|||
#PrintLastLog yes
|
||||
#KeepAlive yes
|
||||
#UseLogin no
|
||||
#UsePrivilegeSeparation yes
|
||||
#UsePrivilegeSeparation no
|
||||
|
||||
#MaxStartups 10
|
||||
# no default banner path
|
||||
|
|
|
|||
Loading…
Reference in New Issue