- djm@cvs.openbsd.org 2003/11/21 11:57:03

[everything] unexpand and delete whitespace at EOL; ok markus@ (done locally and RCS IDs synced)
author: Damien Miller <djm@mindrot.org> 2003-11-21 23:48:55 +1100
committer: Damien Miller <djm@mindrot.org> 2003-11-21 23:48:55 +1100
commit: a8e06cef35c205e1aa562513c6d034a10c8c9a6d (patch)
tree: cf8bdb4466f553088c020b9179cabd6eaf196075 /README.privsep
parent: 8c5e91c03fdd2693f0635f8b2a9904bffc94ce16 (diff)
1 files changed, 6 insertions, 6 deletions
diff --git a/README.privsep b/README.privsep
index 64adad83b..9d48bbcf9 100644
--- a/README.privsep
+++ b/README.privsep
@@ -1,15 +1,15 @@
 Privilege separation, or privsep, is method in OpenSSH by which
 operations that require root privilege are performed by a separate
 privileged monitor process.  Its purpose is to prevent privilege
-escalation by containing corruption to an unprivileged process.  
+escalation by containing corruption to an unprivileged process.
 More information is available at:
        http://www.citi.umich.edu/u/provos/ssh/privsep.html
 Privilege separation is now enabled by default; see the
 UsePrivilegeSeparation option in sshd_config(5).
-On systems which lack mmap or anonymous (MAP_ANON) memory mapping, 
+On systems which lack mmap or anonymous (MAP_ANON) memory mapping,
-compression must be disabled in order for privilege separation to 
+compression must be disabled in order for privilege separation to
 function.
 When privsep is enabled, during the pre-authentication phase sshd will
@@ -38,9 +38,9 @@ privsep user and chroot directory:
 Privsep requires operating system support for file descriptor passing.
 Compression will be disabled on systems without a working mmap MAP_ANON.
-PAM-enabled OpenSSH is known to function with privsep on Linux.  
+PAM-enabled OpenSSH is known to function with privsep on Linux.
 It does not function on HP-UX with a trusted system
-configuration. 
+configuration.
 On Compaq Tru64 Unix, only the pre-authentication part of privsep is
 supported.  Post-authentication privsep is disabled automatically (so
@@ -61,4 +61,4 @@ process 1005 is the sshd process listening for new connections.
 process 6917 is the privileged monitor process, 6919 is the user owned
 sshd process and 6921 is the shell process.
-$Id: README.privsep,v 1.12 2003/08/26 00:48:15 djm Exp $
+$Id: README.privsep,v 1.13 2003/11/21 12:48:55 djm Exp $
author	Damien Miller <djm@mindrot.org>	2003-11-21 23:48:55 +1100
committer	Damien Miller <djm@mindrot.org>	2003-11-21 23:48:55 +1100
commit	a8e06cef35c205e1aa562513c6d034a10c8c9a6d (patch)
tree	cf8bdb4466f553088c020b9179cabd6eaf196075 /README.privsep
parent	8c5e91c03fdd2693f0635f8b2a9904bffc94ce16 (diff)

diff --git a/README.privsep b/README.privsep index 64adad83b..9d48bbcf9 100644 --- a/README.privsep +++ b/README.privsep
@@ -1,15 +1,15 @@
1	Privilege separation, or privsep, is method in OpenSSH by which	1	Privilege separation, or privsep, is method in OpenSSH by which
2	operations that require root privilege are performed by a separate	2	operations that require root privilege are performed by a separate
3	privileged monitor process. Its purpose is to prevent privilege	3	privileged monitor process. Its purpose is to prevent privilege
4	escalation by containing corruption to an unprivileged process.	4	escalation by containing corruption to an unprivileged process.
5	More information is available at:	5	More information is available at:
6	http://www.citi.umich.edu/u/provos/ssh/privsep.html	6	http://www.citi.umich.edu/u/provos/ssh/privsep.html
7		7
8	Privilege separation is now enabled by default; see the	8	Privilege separation is now enabled by default; see the
9	UsePrivilegeSeparation option in sshd_config(5).	9	UsePrivilegeSeparation option in sshd_config(5).
10		10
11	On systems which lack mmap or anonymous (MAP_ANON) memory mapping,	11	On systems which lack mmap or anonymous (MAP_ANON) memory mapping,
12	compression must be disabled in order for privilege separation to	12	compression must be disabled in order for privilege separation to
13	function.	13	function.
14		14
15	When privsep is enabled, during the pre-authentication phase sshd will	15	When privsep is enabled, during the pre-authentication phase sshd will
@@ -38,9 +38,9 @@ privsep user and chroot directory:
38	Privsep requires operating system support for file descriptor passing.	38	Privsep requires operating system support for file descriptor passing.
39	Compression will be disabled on systems without a working mmap MAP_ANON.	39	Compression will be disabled on systems without a working mmap MAP_ANON.
40		40
41	PAM-enabled OpenSSH is known to function with privsep on Linux.	41	PAM-enabled OpenSSH is known to function with privsep on Linux.
42	It does not function on HP-UX with a trusted system	42	It does not function on HP-UX with a trusted system
43	configuration.	43	configuration.
44		44
45	On Compaq Tru64 Unix, only the pre-authentication part of privsep is	45	On Compaq Tru64 Unix, only the pre-authentication part of privsep is
46	supported. Post-authentication privsep is disabled automatically (so	46	supported. Post-authentication privsep is disabled automatically (so
@@ -61,4 +61,4 @@ process 1005 is the sshd process listening for new connections.
61	process 6917 is the privileged monitor process, 6919 is the user owned	61	process 6917 is the privileged monitor process, 6919 is the user owned
62	sshd process and 6921 is the shell process.	62	sshd process and 6921 is the shell process.
63		63
64	$Id: README.privsep,v 1.12 2003/08/26 00:48:15 djm Exp $	64	$Id: README.privsep,v 1.13 2003/11/21 12:48:55 djm Exp $