diff options
author | Darren Tucker <dtucker@zip.com.au> | 2010-01-08 17:06:47 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2010-01-08 17:06:47 +1100 |
commit | f788a91624601857c586a4dd97c66083946e7781 (patch) | |
tree | a53ff27feae6c3aa7c44faf6ff9436ccd0e3d73b | |
parent | 78be8c54d65e151a3d8a5855ce5067c72f915799 (diff) |
- djm@cvs.openbsd.org 2009/11/10 02:58:56
[sshd_config.5]
clarify that StrictModes does not apply to ChrootDirectory. Permissions
and ownership are always checked when chrooting. bz#1532
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | sshd_config.5 | 7 |
2 files changed, 9 insertions, 2 deletions
@@ -43,6 +43,10 @@ | |||
43 | [ssh_config.5] | 43 | [ssh_config.5] |
44 | explain the constraints on LocalCommand some more so people don't | 44 | explain the constraints on LocalCommand some more so people don't |
45 | try to abuse it. | 45 | try to abuse it. |
46 | - djm@cvs.openbsd.org 2009/11/10 02:58:56 | ||
47 | [sshd_config.5] | ||
48 | clarify that StrictModes does not apply to ChrootDirectory. Permissions | ||
49 | and ownership are always checked when chrooting. bz#1532 | ||
46 | 50 | ||
47 | 20091226 | 51 | 20091226 |
48 | - (tim) [contrib/cygwin/Makefile] Install ssh-copy-id and ssh-copy-id.1 | 52 | - (tim) [contrib/cygwin/Makefile] Install ssh-copy-id and ssh-copy-id.1 |
diff --git a/sshd_config.5 b/sshd_config.5 index 7e7c6f855..e54e70079 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -34,8 +34,8 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd_config.5,v 1.111 2009/10/28 21:45:08 jmc Exp $ | 37 | .\" $OpenBSD: sshd_config.5,v 1.112 2009/11/10 02:58:56 djm Exp $ |
38 | .Dd $Mdocdate: October 28 2009 $ | 38 | .Dd $Mdocdate: November 10 2009 $ |
39 | .Dt SSHD_CONFIG 5 | 39 | .Dt SSHD_CONFIG 5 |
40 | .Os | 40 | .Os |
41 | .Sh NAME | 41 | .Sh NAME |
@@ -832,6 +832,9 @@ This is normally desirable because novices sometimes accidentally leave their | |||
832 | directory or files world-writable. | 832 | directory or files world-writable. |
833 | The default is | 833 | The default is |
834 | .Dq yes . | 834 | .Dq yes . |
835 | Note that this does not apply to | ||
836 | .Cm ChrootDirectory , | ||
837 | whose permissions and ownership are checked unconditionally. | ||
835 | .It Cm Subsystem | 838 | .It Cm Subsystem |
836 | Configures an external subsystem (e.g. file transfer daemon). | 839 | Configures an external subsystem (e.g. file transfer daemon). |
837 | Arguments should be a subsystem name and a command (with optional arguments) | 840 | Arguments should be a subsystem name and a command (with optional arguments) |