diff options
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | README.privsep | 21 |
2 files changed, 14 insertions, 12 deletions
| @@ -1,3 +1,6 @@ | |||
| 1 | 20020622 | ||
| 2 | - (djm) Update README.privsep; spotted by fries@ | ||
| 3 | |||
| 1 | 20020621 | 4 | 20020621 |
| 2 | - (djm) Sync: | 5 | - (djm) Sync: |
| 3 | - djm@cvs.openbsd.org 2002/06/21 05:50:51 | 6 | - djm@cvs.openbsd.org 2002/06/21 05:50:51 |
| @@ -1000,4 +1003,4 @@ | |||
| 1000 | - (stevesk) entropy.c: typo in debug message | 1003 | - (stevesk) entropy.c: typo in debug message |
| 1001 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ | 1004 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ |
| 1002 | 1005 | ||
| 1003 | $Id: ChangeLog,v 1.2238 2002/06/21 06:42:41 djm Exp $ | 1006 | $Id: ChangeLog,v 1.2239 2002/06/21 14:45:50 djm Exp $ |
diff --git a/README.privsep b/README.privsep index 89b9d0457..79ea62783 100644 --- a/README.privsep +++ b/README.privsep | |||
| @@ -1,13 +1,12 @@ | |||
| 1 | Privilege separation, or privsep, is an experimental feature in | 1 | Privilege separation, or privsep, is method in OpenSSH by which |
| 2 | OpenSSH in which operations that require root privilege are performed | 2 | operations that require root privilege are performed by a separate |
| 3 | by a separate privileged monitor process. Its purpose is to prevent | 3 | privileged monitor process. Its purpose is to prevent privilege |
| 4 | privilege escalation by containing corruption to an unprivileged | 4 | escalation by containing corruption to an unprivileged process. |
| 5 | process. More information is available at: | 5 | More information is available at: |
| 6 | http://www.citi.umich.edu/u/provos/ssh/privsep.html | 6 | http://www.citi.umich.edu/u/provos/ssh/privsep.html |
| 7 | 7 | ||
| 8 | Privilege separation is not enabled by default, and may be enabled by | 8 | Privilege separation is now enabled by default; see the |
| 9 | specifying "UsePrivilegeSeparation yes" in sshd_config; see the | 9 | UsePrivilegeSeparation option in sshd_config(5). |
| 10 | UsePrivilegeSeparation option in sshd(8). | ||
| 11 | 10 | ||
| 12 | When privsep is enabled, the pre-authentication sshd process will | 11 | When privsep is enabled, the pre-authentication sshd process will |
| 13 | chroot(2) to "/var/empty" and change its privileges to the "sshd" user | 12 | chroot(2) to "/var/empty" and change its privileges to the "sshd" user |
| @@ -34,8 +33,8 @@ privsep user and chroot directory: | |||
| 34 | Privsep requires operating system support for file descriptor passing | 33 | Privsep requires operating system support for file descriptor passing |
| 35 | and mmap(MAP_ANON). | 34 | and mmap(MAP_ANON). |
| 36 | 35 | ||
| 37 | PAM-enabled OpenSSH is known to function with privsep on Linux and | 36 | PAM-enabled OpenSSH is known to function with privsep on Linux. |
| 38 | Solaris 8. It does not function on HP-UX with a trusted system | 37 | It does not function on HP-UX with a trusted system |
| 39 | configuration. PAMAuthenticationViaKbdInt does not function with | 38 | configuration. PAMAuthenticationViaKbdInt does not function with |
| 40 | privsep. | 39 | privsep. |
| 41 | 40 | ||
| @@ -54,4 +53,4 @@ process 1005 is the sshd process listening for new connections. | |||
| 54 | process 6917 is the privileged monitor process, 6919 is the user owned | 53 | process 6917 is the privileged monitor process, 6919 is the user owned |
| 55 | sshd process and 6921 is the shell process. | 54 | sshd process and 6921 is the shell process. |
| 56 | 55 | ||
| 57 | $Id: README.privsep,v 1.5 2002/05/22 01:02:15 djm Exp $ | 56 | $Id: README.privsep,v 1.6 2002/06/21 14:45:50 djm Exp $ |