diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | servconf.c | 6 | ||||
-rw-r--r-- | sshd.8 | 4 | ||||
-rw-r--r-- | sshd_config | 4 |
4 files changed, 11 insertions, 8 deletions
@@ -39,6 +39,9 @@ | |||
39 | [ssh.1 sshd.8] | 39 | [ssh.1 sshd.8] |
40 | Kill/adjust r(login|exec)d? references now that those are no longer in | 40 | Kill/adjust r(login|exec)d? references now that those are no longer in |
41 | the tree. | 41 | the tree. |
42 | - markus@cvs.openbsd.org 2002/05/15 21:02:53 | ||
43 | [servconf.c sshd.8 sshd_config] | ||
44 | disable privsep and enable setuid for the 3.2.2 release | ||
42 | - (bal) Fixed up PAM case. I think. | 45 | - (bal) Fixed up PAM case. I think. |
43 | - (bal) Clarified openbsd-compat/*-cray.* Licence provided by Wendy | 46 | - (bal) Clarified openbsd-compat/*-cray.* Licence provided by Wendy |
44 | 47 | ||
@@ -645,4 +648,4 @@ | |||
645 | - (stevesk) entropy.c: typo in debug message | 648 | - (stevesk) entropy.c: typo in debug message |
646 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ | 649 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ |
647 | 650 | ||
648 | $Id: ChangeLog,v 1.2132 2002/05/15 21:36:45 mouring Exp $ | 651 | $Id: ChangeLog,v 1.2133 2002/05/15 21:37:34 mouring Exp $ |
diff --git a/servconf.c b/servconf.c index 5b894f744..5f8e74e33 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -10,7 +10,7 @@ | |||
10 | */ | 10 | */ |
11 | 11 | ||
12 | #include "includes.h" | 12 | #include "includes.h" |
13 | RCSID("$OpenBSD: servconf.c,v 1.108 2002/05/04 02:39:35 deraadt Exp $"); | 13 | RCSID("$OpenBSD: servconf.c,v 1.109 2002/05/15 21:02:52 markus Exp $"); |
14 | 14 | ||
15 | #if defined(KRB4) | 15 | #if defined(KRB4) |
16 | #include <krb.h> | 16 | #include <krb.h> |
@@ -250,9 +250,9 @@ fill_default_server_options(ServerOptions *options) | |||
250 | if (options->authorized_keys_file == NULL) | 250 | if (options->authorized_keys_file == NULL) |
251 | options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; | 251 | options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; |
252 | 252 | ||
253 | /* Turn privilege separation on by default */ | 253 | /* Turn privilege separation _off_ by default */ |
254 | if (use_privsep == -1) | 254 | if (use_privsep == -1) |
255 | use_privsep = 1; | 255 | use_privsep = 0; |
256 | } | 256 | } |
257 | 257 | ||
258 | /* Keyword tokens. */ | 258 | /* Keyword tokens. */ |
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd.8,v 1.180 2002/05/06 23:34:33 millert Exp $ | 37 | .\" $OpenBSD: sshd.8,v 1.181 2002/05/15 21:02:53 markus Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSHD 8 | 39 | .Dt SSHD 8 |
40 | .Os | 40 | .Os |
@@ -852,7 +852,7 @@ another process will be created that has the privilege of the authenticated | |||
852 | user. The goal of privilege separation is to prevent privilege | 852 | user. The goal of privilege separation is to prevent privilege |
853 | escalation by containing any corruption within the unprivileged processes. | 853 | escalation by containing any corruption within the unprivileged processes. |
854 | The default is | 854 | The default is |
855 | .Dq yes . | 855 | .Dq no . |
856 | .It Cm VerifyReverseMapping | 856 | .It Cm VerifyReverseMapping |
857 | Specifies whether | 857 | Specifies whether |
858 | .Nm | 858 | .Nm |
diff --git a/sshd_config b/sshd_config index dc940d922..e96f7a1d3 100644 --- a/sshd_config +++ b/sshd_config | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: sshd_config,v 1.52 2002/05/04 02:39:35 deraadt Exp $ | 1 | # $OpenBSD: sshd_config,v 1.53 2002/05/15 21:02:53 markus Exp $ |
2 | 2 | ||
3 | # This is the sshd server system-wide configuration file. See sshd(8) | 3 | # This is the sshd server system-wide configuration file. See sshd(8) |
4 | # for more information. | 4 | # for more information. |
@@ -80,7 +80,7 @@ | |||
80 | #PrintLastLog yes | 80 | #PrintLastLog yes |
81 | #KeepAlive yes | 81 | #KeepAlive yes |
82 | #UseLogin no | 82 | #UseLogin no |
83 | #UsePrivilegeSeparation yes | 83 | #UsePrivilegeSeparation no |
84 | 84 | ||
85 | #MaxStartups 10 | 85 | #MaxStartups 10 |
86 | # no default banner path | 86 | # no default banner path |