summaryrefslogtreecommitdiff
path: root/debian/patches/debian-config.patch
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2015-08-19 21:45:08 +0100
committerColin Watson <cjwatson@debian.org>2015-08-19 21:45:49 +0100
commitde735528212f66b87a6881015fa6b74cc543d183 (patch)
tree6d0c0e456813c9c4235d22d1fedf9b1886aebe79 /debian/patches/debian-config.patch
parent56142d8274dde941e781cbe95cea01ee45972765 (diff)
parent5c0c1192be30b7c0e60d96b5e6739c4ad49f087b (diff)
Document the Debian-specific change to the default value of ForwardX11Trusted in ssh(1) (closes: #781469).
Diffstat (limited to 'debian/patches/debian-config.patch')
-rw-r--r--debian/patches/debian-config.patch43
1 files changed, 41 insertions, 2 deletions
diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch
index 4f5db8a91..c990a01c3 100644
--- a/debian/patches/debian-config.patch
+++ b/debian/patches/debian-config.patch
@@ -1,4 +1,4 @@
1From 810eecd6b2e03770f21e46b5cb8ce8c7fcd46da8 Mon Sep 17 00:00:00 2001 1From 88ebb6a4a95f2f9ded930587c33f08cff0fc1db4 Mon Sep 17 00:00:00 2001
2From: Colin Watson <cjwatson@debian.org> 2From: Colin Watson <cjwatson@debian.org>
3Date: Sun, 9 Feb 2014 16:10:18 +0000 3Date: Sun, 9 Feb 2014 16:10:18 +0000
4Subject: Various Debian-specific configuration changes 4Subject: Various Debian-specific configuration changes
@@ -27,11 +27,12 @@ Last-Update: 2015-08-19
27Patch-Name: debian-config.patch 27Patch-Name: debian-config.patch
28--- 28---
29 readconf.c | 2 +- 29 readconf.c | 2 +-
30 ssh.1 | 21 +++++++++++++++++++++
30 ssh_config | 7 ++++++- 31 ssh_config | 7 ++++++-
31 ssh_config.5 | 19 ++++++++++++++++++- 32 ssh_config.5 | 19 ++++++++++++++++++-
32 sshd_config | 3 ++- 33 sshd_config | 3 ++-
33 sshd_config.5 | 25 +++++++++++++++++++++++++ 34 sshd_config.5 | 25 +++++++++++++++++++++++++
34 5 files changed, 52 insertions(+), 4 deletions(-) 35 6 files changed, 73 insertions(+), 4 deletions(-)
35 36
36diff --git a/readconf.c b/readconf.c 37diff --git a/readconf.c b/readconf.c
37index 5f6c37f..f0769b5 100644 38index 5f6c37f..f0769b5 100644
@@ -46,6 +47,44 @@ index 5f6c37f..f0769b5 100644
46 if (options->forward_x11_timeout == -1) 47 if (options->forward_x11_timeout == -1)
47 options->forward_x11_timeout = 1200; 48 options->forward_x11_timeout = 1200;
48 if (options->exit_on_forward_failure == -1) 49 if (options->exit_on_forward_failure == -1)
50diff --git a/ssh.1 b/ssh.1
51index 2178863..e2cce49 100644
52--- a/ssh.1
53+++ b/ssh.1
54@@ -670,12 +670,33 @@ option and the
55 directive in
56 .Xr ssh_config 5
57 for more information.
58+.Pp
59+(Debian-specific: X11 forwarding is not subjected to X11 SECURITY extension
60+restrictions by default, because too many programs currently crash in this
61+mode.
62+Set the
63+.Cm ForwardX11Trusted
64+option to
65+.Dq no
66+to restore the upstream behaviour.
67+This may change in future depending on client-side improvements.)
68 .It Fl x
69 Disables X11 forwarding.
70 .It Fl Y
71 Enables trusted X11 forwarding.
72 Trusted X11 forwardings are not subjected to the X11 SECURITY extension
73 controls.
74+.Pp
75+(Debian-specific: This option does nothing in the default configuration: it
76+is equivalent to
77+.Dq Cm ForwardX11Trusted No yes ,
78+which is the default as described above.
79+Set the
80+.Cm ForwardX11Trusted
81+option to
82+.Dq no
83+to restore the upstream behaviour.
84+This may change in future depending on client-side improvements.)
85 .It Fl y
86 Send log information using the
87 .Xr syslog 3
49diff --git a/ssh_config b/ssh_config 88diff --git a/ssh_config b/ssh_config
50index 228e5ab..c9386aa 100644 89index 228e5ab..c9386aa 100644
51--- a/ssh_config 90--- a/ssh_config
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-23 19:43:37 +0000