- Merged OpenBSD CVS changes:

[openssh.git] / ssh.c

diff --git a/ssh.c b/ssh.c
index 7e66b52f7546d2e6028b181fd1976532aa1eedc8..28fa32907144b6a4d1618d8d1f45aa722cfa130a 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -555,6 +555,13 @@ main(int ac, char **av)
      them.  Also, extra privileges could make it very hard to read identity
      files and other non-world-readable files from the user's home directory
      if it happens to be on a NFS volume where root is mapped to nobody. */
+
+  /* Note that some legacy systems need to postpone the following call to
+     permanently_set_uid() until the private hostkey is destroyed with
+     RSA_free().  Otherwise the calling user could ptrace() the process,
+     read the private hostkey and impersonate the host.  OpenBSD does not
+     allow ptracing of setuid processes. */
+
   permanently_set_uid(original_real_uid);
 
   /* Now that we are back to our own permissions, create ~/.ssh directory