-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | servconf.c | 9 | ||||
-rw-r--r-- | servconf.h | 4 | ||||
-rw-r--r-- | sshd.c | 4 | ||||
-rw-r--r-- | sshd_config | 4 |
5 files changed, 16 insertions, 10 deletions
@@ -3,6 +3,11 @@ | |||
3 | - jmc@cvs.openbsd.org 2012/07/06 06:38:03 | 3 | - jmc@cvs.openbsd.org 2012/07/06 06:38:03 |
4 | [ssh-keygen.c] | 4 | [ssh-keygen.c] |
5 | missing full stop in usage(); | 5 | missing full stop in usage(); |
6 | - djm@cvs.openbsd.org 2012/07/10 02:19:15 | ||
7 | [servconf.c servconf.h sshd.c sshd_config] | ||
8 | Turn on systrace sandboxing of pre-auth sshd by default for new installs | ||
9 | by shipping a config that overrides the current UsePrivilegeSeparation=yes | ||
10 | default. Make it easier to flip the default in the future by adding too. | ||
6 | 11 | ||
7 | 20120720 | 12 | 20120720 |
8 | - (dtucker) Import regened moduli file. | 13 | - (dtucker) Import regened moduli file. |
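--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.227 2012/06/19 18:25:27 markus Exp $ */
+/* $OpenBSD: servconf.c,v 1.228 2012/07/10 02:19:15 djm Exp $ */
 /*
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 * All rights reserved
@@ -285,7 +285,7 @@ fill_default_server_options(ServerOptions *options)
 options->version_addendum = xstrdup("");
 /* Turn privilege separation on by default */
 if (use_privsep == -1)
-use_privsep = PRIVSEP_ON;
+use_privsep = PRIVSEP_NOSANDBOX;
 
 #ifndef HAVE_MMAP
 if (use_privsep && options->compression == 1) {
@@ -770,8 +770,9 @@ static const struct multistate multistate_gatewayports[] = {
 { NULL, -1 }
 };
 static const struct multistate multistate_privsep[] = {
-{ "sandbox", PRIVSEP_SANDBOX },
-{ "yes", PRIVSEP_ON },
+{ "yes", PRIVSEP_NOSANDBOX },
+{ "sandbox", PRIVSEP_ON },
+{ "nosandbox", PRIVSEP_NOSANDBOX },
 { "no", PRIVSEP_OFF },
 { NULL, -1 }
 };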
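Review bot: The comment above the default in fill_default_server_options still reads "Turn privilege separation on by default", but the value assigned is now PRIVSEP_NOSANDBOX, so a server with no UsePrivilegeSeparation line runs the pre-auth child without the sandbox. On this page the sandbox is switched on only by the shipped sshd_config, which means hosts that keep an existing configuration file stay on the unsandboxed mode. I would reword the comment to say so, for example `/* Default: privilege separation without the pre-auth sandbox; "sandbox" must be set explicitly */`. The body of fill_default_server_options starts and ends outside the hunk.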
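--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.h,v 1.102 2012/06/19 18:25:28 markus Exp $ */
+/* $OpenBSD: servconf.h,v 1.103 2012/07/10 02:19:15 djm Exp $ */
 
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -39,7 +39,7 @@
 /* use_privsep */
 #define PRIVSEP_OFF 0
 #define PRIVSEP_ON 1
-#define PRIVSEP_SANDBOX 2
+#define PRIVSEP_NOSANDBOX 2
 
 #define DEFAULT_AUTH_FAIL_MAX 6 /* Default for MaxAuthTries */
 #define DEFAULT_SESSIONS_MAX 10 /* Default for MaxSessions */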
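Review bot: The macro block under `/* use_privsep */` gives no hint that PRIVSEP_ON now means sandboxed privilege separation, and value 2 has switched from the sandboxed mode (PRIVSEP_SANDBOX) to the unsandboxed one (PRIVSEP_NOSANDBOX). The sshd.c test `if (use_privsep == PRIVSEP_ON)` before ssh_sandbox_init() and the `{ "sandbox", PRIVSEP_ON }` table entry in servconf.c both depend on that meaning. Trailing comments would make it explicit: `#define PRIVSEP_ON 1 /* privsep with pre-auth sandbox */` and `#define PRIVSEP_NOSANDBOX 2 /* privsep without sandbox */`. Any comparison against PRIVSEP_ON outside the visible hunks that assumed plain privilege separation would presumably need a second look.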
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshd.c,v 1.392 2012/06/30 14:35:09 markus Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.393 2012/07/10 02:19:15 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -635,7 +635,7 @@ privsep_preauth(Authctxt *authctxt) | |||
635 | /* Store a pointer to the kex for later rekeying */ | 635 | /* Store a pointer to the kex for later rekeying */ |
636 | pmonitor->m_pkex = &xxx_kex; | 636 | pmonitor->m_pkex = &xxx_kex; |
637 | 637 | ||
638 | if (use_privsep == PRIVSEP_SANDBOX) | 638 | if (use_privsep == PRIVSEP_ON) |
639 | box = ssh_sandbox_init(); | 639 | box = ssh_sandbox_init(); |
640 | pid = fork(); | 640 | pid = fork(); |
641 | if (pid == -1) { | 641 | if (pid == -1) { |
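--- a/sshd_config
+++ b/sshd_config
@@ -1,4 +1,4 @@
-# $OpenBSD: sshd_config,v 1.86 2012/04/12 02:43:55 djm Exp $
+# $OpenBSD: sshd_config,v 1.87 2012/07/10 02:19:15 djm Exp $
 
 # This is the sshd server system-wide configuration file. See
 # sshd_config(5) for more information.
@@ -99,7 +99,7 @@ AuthorizedKeysFile .ssh/authorized_keys
 #PrintLastLog yes
 #TCPKeepAlive yes
 #UseLogin no
-#UsePrivilegeSeparation yes
+UsePrivilegeSeparation sandbox # Default for new installations.
 #PermitUserEnvironment no
 #Compression delayed
 #ClientAliveInterval 0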