summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog5
-rw-r--r--servconf.c6
-rw-r--r--sshd.84
-rw-r--r--sshd_config4
4 files changed, 11 insertions, 8 deletions
diff --git a/ChangeLog b/ChangeLog
index 96f459ccb..2adca2b3b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -39,6 +39,9 @@
39 [ssh.1 sshd.8] 39 [ssh.1 sshd.8]
40 Kill/adjust r(login|exec)d? references now that those are no longer in 40 Kill/adjust r(login|exec)d? references now that those are no longer in
41 the tree. 41 the tree.
42 - markus@cvs.openbsd.org 2002/05/15 21:02:53
43 [servconf.c sshd.8 sshd_config]
44 disable privsep and enable setuid for the 3.2.2 release
42 - (bal) Fixed up PAM case. I think. 45 - (bal) Fixed up PAM case. I think.
43 - (bal) Clarified openbsd-compat/*-cray.* Licence provided by Wendy 46 - (bal) Clarified openbsd-compat/*-cray.* Licence provided by Wendy
44 47
@@ -645,4 +648,4 @@
645 - (stevesk) entropy.c: typo in debug message 648 - (stevesk) entropy.c: typo in debug message
646 - (djm) ssh-keygen -i needs seeded RNG; report from markus@ 649 - (djm) ssh-keygen -i needs seeded RNG; report from markus@
647 650
648$Id: ChangeLog,v 1.2132 2002/05/15 21:36:45 mouring Exp $ 651$Id: ChangeLog,v 1.2133 2002/05/15 21:37:34 mouring Exp $
diff --git a/servconf.c b/servconf.c
index 5b894f744..5f8e74e33 100644
--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
10 */ 10 */
11 11
12#include "includes.h" 12#include "includes.h"
13RCSID("$OpenBSD: servconf.c,v 1.108 2002/05/04 02:39:35 deraadt Exp $"); 13RCSID("$OpenBSD: servconf.c,v 1.109 2002/05/15 21:02:52 markus Exp $");
14 14
15#if defined(KRB4) 15#if defined(KRB4)
16#include <krb.h> 16#include <krb.h>
@@ -250,9 +250,9 @@ fill_default_server_options(ServerOptions *options)
250 if (options->authorized_keys_file == NULL) 250 if (options->authorized_keys_file == NULL)
251 options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; 251 options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
252 252
253 /* Turn privilege separation on by default */ 253 /* Turn privilege separation _off_ by default */
254 if (use_privsep == -1) 254 if (use_privsep == -1)
255 use_privsep = 1; 255 use_privsep = 0;
256} 256}
257 257
258/* Keyword tokens. */ 258/* Keyword tokens. */
diff --git a/sshd.8 b/sshd.8
index 109f16fdf..138bf6510 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: sshd.8,v 1.180 2002/05/06 23:34:33 millert Exp $ 37.\" $OpenBSD: sshd.8,v 1.181 2002/05/15 21:02:53 markus Exp $
38.Dd September 25, 1999 38.Dd September 25, 1999
39.Dt SSHD 8 39.Dt SSHD 8
40.Os 40.Os
@@ -852,7 +852,7 @@ another process will be created that has the privilege of the authenticated
852user. The goal of privilege separation is to prevent privilege 852user. The goal of privilege separation is to prevent privilege
853escalation by containing any corruption within the unprivileged processes. 853escalation by containing any corruption within the unprivileged processes.
854The default is 854The default is
855.Dq yes . 855.Dq no .
856.It Cm VerifyReverseMapping 856.It Cm VerifyReverseMapping
857Specifies whether 857Specifies whether
858.Nm 858.Nm
diff --git a/sshd_config b/sshd_config
index dc940d922..e96f7a1d3 100644
--- a/sshd_config
+++ b/sshd_config
@@ -1,4 +1,4 @@
1# $OpenBSD: sshd_config,v 1.52 2002/05/04 02:39:35 deraadt Exp $ 1# $OpenBSD: sshd_config,v 1.53 2002/05/15 21:02:53 markus Exp $
2 2
3# This is the sshd server system-wide configuration file. See sshd(8) 3# This is the sshd server system-wide configuration file. See sshd(8)
4# for more information. 4# for more information.
@@ -80,7 +80,7 @@
80#PrintLastLog yes 80#PrintLastLog yes
81#KeepAlive yes 81#KeepAlive yes
82#UseLogin no 82#UseLogin no
83#UsePrivilegeSeparation yes 83#UsePrivilegeSeparation no
84 84
85#MaxStartups 10 85#MaxStartups 10
86# no default banner path 86# no default banner path