upstream commit

UsePrivilegeSeparation defaults to sandbox now. ok djm@ Upstream-ID: bff136c38bcae89df82e044d2f42de21e1ad914f
author: sobrado@openbsd.org <sobrado@openbsd.org> 2015-10-07 14:45:30 +0000
committer: Damien Miller <djm@mindrot.org> 2015-10-08 04:01:05 +1100
commit: bdcb73fb7641b1cf73c0065d1a0dd57b1e8b778e (patch)
tree: 48d9a4e57c8a5fee40396e5e22d32adf9ae0808e
parent: 2905d6f99c837bb699b6ebc61711b19acd030709 (diff)
1 files changed, 9 insertions, 4 deletions
diff --git a/sshd_config.5 b/sshd_config.5
index cd3b5cfe3..149dc7e14 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.212 2015/09/11 03:13:36 djm Exp $
+.\" $OpenBSD: sshd_config.5,v 1.213 2015/10/07 14:45:30 sobrado Exp $
-.Dd $Mdocdate: September 11 2015 $
+.Dd $Mdocdate: October 7 2015 $
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -1587,14 +1587,19 @@ After successful authentication, another process will be created that has
 the privilege of the authenticated user.
 The goal of privilege separation is to prevent privilege
 escalation by containing any corruption within the unprivileged processes.
-The default is
+The argument must be
-.Dq yes .
+.Dq yes ,
+.Dq no ,
+or
+.Dq sandbox .
 If
 .Cm UsePrivilegeSeparation
 is set to
 .Dq sandbox
 then the pre-authentication unprivileged process is subject to additional
 restrictions.
+The default is
+.Dq sandbox .
 .It Cm VersionAddendum
 Optionally specifies additional text to append to the SSH protocol banner
 sent by the server upon connection.
author	sobrado@openbsd.org <sobrado@openbsd.org>	2015-10-07 14:45:30 +0000
committer	Damien Miller <djm@mindrot.org>	2015-10-08 04:01:05 +1100
commit	bdcb73fb7641b1cf73c0065d1a0dd57b1e8b778e (patch)
tree	48d9a4e57c8a5fee40396e5e22d32adf9ae0808e
parent	2905d6f99c837bb699b6ebc61711b19acd030709 (diff)

diff --git a/sshd_config.5 b/sshd_config.5 index cd3b5cfe3..149dc7e14 100644 --- a/sshd_config.5 +++ b/sshd_config.5
@@ -33,8 +33,8 @@
33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35	.\"	35	.\"
36	.\" $OpenBSD: sshd_config.5,v 1.212 2015/09/11 03:13:36 djm Exp $	36	.\" $OpenBSD: sshd_config.5,v 1.213 2015/10/07 14:45:30 sobrado Exp $
37	.Dd $Mdocdate: September 11 2015 $	37	.Dd $Mdocdate: October 7 2015 $
38	.Dt SSHD_CONFIG 5	38	.Dt SSHD_CONFIG 5
39	.Os	39	.Os
40	.Sh NAME	40	.Sh NAME
@@ -1587,14 +1587,19 @@ After successful authentication, another process will be created that has
1587	the privilege of the authenticated user.	1587	the privilege of the authenticated user.
1588	The goal of privilege separation is to prevent privilege	1588	The goal of privilege separation is to prevent privilege
1589	escalation by containing any corruption within the unprivileged processes.	1589	escalation by containing any corruption within the unprivileged processes.
1590	The default is	1590	The argument must be
1591	.Dq yes .	1591	.Dq yes ,
		1592	.Dq no ,
		1593	or
		1594	.Dq sandbox .
1592	If	1595	If
1593	.Cm UsePrivilegeSeparation	1596	.Cm UsePrivilegeSeparation
1594	is set to	1597	is set to
1595	.Dq sandbox	1598	.Dq sandbox
1596	then the pre-authentication unprivileged process is subject to additional	1599	then the pre-authentication unprivileged process is subject to additional
1597	restrictions.	1600	restrictions.
		1601	The default is
		1602	.Dq sandbox .
1598	.It Cm VersionAddendum	1603	.It Cm VersionAddendum
1599	Optionally specifies additional text to append to the SSH protocol banner	1604	Optionally specifies additional text to append to the SSH protocol banner
1600	sent by the server upon connection.	1605	sent by the server upon connection.