tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-28 00:04:30 +02:00
Code Issues Packages Projects Releases Wiki Activity

- markus@cvs.openbsd.org 2002/05/15 21:56:38

Browse Source 
[servconf.c sshd.8 sshd_config]
     re-enable privsep and disable setuid for post-3.2.2
This commit is contained in:
Ben Lindstrom 2002-06-06 19:47:11 +00:00
parent df75dd21f5
commit fb62a69488
4 changed files with 14 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ChangeLog
View File

@ -1,3 +1,9 @@
20020606
- (bal) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2002/05/15 21:56:38
[servconf.c sshd.8 sshd_config]
re-enable privsep and disable setuid for post-3.2.2
20020604 20020604
- (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed - (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
setsockopt from debug to error for now). setsockopt from debug to error for now).
@ -681,4 +687,4 @@
- (stevesk) entropy.c: typo in debug message - (stevesk) entropy.c: typo in debug message
- (djm) ssh-keygen -i needs seeded RNG; report from markus@ - (djm) ssh-keygen -i needs seeded RNG; report from markus@
$Id: ChangeLog,v 1.2143 2002/06/04 20:52:19 stevesk Exp $ $Id: ChangeLog,v 1.2144 2002/06/06 19:47:11 mouring Exp $

6
servconf.c
View File

@ -10,7 +10,7 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: servconf.c,v 1.109 2002/05/15 21:02:52 markus Exp $"); RCSID("$OpenBSD: servconf.c,v 1.110 2002/05/15 21:56:38 markus Exp $");
#if defined(KRB4) #if defined(KRB4)
#include <krb.h> #include <krb.h>
@ -250,9 +250,9 @@ fill_default_server_options(ServerOptions *options)
if (options->authorized_keys_file == NULL) if (options->authorized_keys_file == NULL)
options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
/* Turn privilege separation _off_ by default */ /* Turn privilege separation on by default */
if (use_privsep == -1) if (use_privsep == -1)
use_privsep = 0; use_privsep = 1;
} }
/* Keyword tokens. */ /* Keyword tokens. */

4
sshd.8
View File

@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: sshd.8,v 1.181 2002/05/15 21:02:53 markus Exp $ .\" $OpenBSD: sshd.8,v 1.182 2002/05/15 21:56:38 markus Exp $
.Dd September 25, 1999 .Dd September 25, 1999
.Dt SSHD 8 .Dt SSHD 8
.Os .Os
@ -852,7 +852,7 @@ another process will be created that has the privilege of the authenticated
user. The goal of privilege separation is to prevent privilege user. The goal of privilege separation is to prevent privilege
escalation by containing any corruption within the unprivileged processes. escalation by containing any corruption within the unprivileged processes.
The default is The default is
.Dq no . .Dq yes .
.It Cm VerifyReverseMapping .It Cm VerifyReverseMapping
Specifies whether Specifies whether
.Nm .Nm

4
sshd_config
View File

@ -1,4 +1,4 @@
# $OpenBSD: sshd_config,v 1.53 2002/05/15 21:02:53 markus Exp $ # $OpenBSD: sshd_config,v 1.54 2002/05/15 21:56:38 markus Exp $
# This is the sshd server system-wide configuration file. See sshd(8) # This is the sshd server system-wide configuration file. See sshd(8)
# for more information. # for more information.
@ -80,7 +80,7 @@
#PrintLastLog yes #PrintLastLog yes
#KeepAlive yes #KeepAlive yes
#UseLogin no #UseLogin no
#UsePrivilegeSeparation no #UsePrivilegeSeparation yes
#MaxStartups 10 #MaxStartups 10
# no default banner path # no default banner path