[servconf.c sshd.8 sshd_config]
re-enable privsep and disable setuid for post-3.2.2
+20020606
+ - (bal) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2002/05/15 21:56:38
+ [servconf.c sshd.8 sshd_config]
+ re-enable privsep and disable setuid for post-3.2.2
+
20020604
- (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
setsockopt from debug to error for now).
20020604
- (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
setsockopt from debug to error for now).
-RCSID("$OpenBSD: servconf.c,v 1.109 2002/05/15 21:02:52 markus Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.110 2002/05/15 21:56:38 markus Exp $");
#if defined(KRB4)
#include <krb.h>
#if defined(KRB4)
#include <krb.h>
if (options->authorized_keys_file == NULL)
options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
if (options->authorized_keys_file == NULL)
options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
- /* Turn privilege separation _off_ by default */
+ /* Turn privilege separation on by default */
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd.8,v 1.181 2002/05/15 21:02:53 markus Exp $
+.\" $OpenBSD: sshd.8,v 1.182 2002/05/15 21:56:38 markus Exp $
.Dd September 25, 1999
.Dt SSHD 8
.Os
.Dd September 25, 1999
.Dt SSHD 8
.Os
user. The goal of privilege separation is to prevent privilege
escalation by containing any corruption within the unprivileged processes.
The default is
user. The goal of privilege separation is to prevent privilege
escalation by containing any corruption within the unprivileged processes.
The default is
.It Cm VerifyReverseMapping
Specifies whether
.Nm
.It Cm VerifyReverseMapping
Specifies whether
.Nm
-# $OpenBSD: sshd_config,v 1.53 2002/05/15 21:02:53 markus Exp $
+# $OpenBSD: sshd_config,v 1.54 2002/05/15 21:56:38 markus Exp $
# This is the sshd server system-wide configuration file. See sshd(8)
# for more information.
# This is the sshd server system-wide configuration file. See sshd(8)
# for more information.
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
-#UsePrivilegeSeparation no
+#UsePrivilegeSeparation yes
#MaxStartups 10
# no default banner path
#MaxStartups 10
# no default banner path