Date: Fri, 28 Jun 2013 09:41:59 +0000 (UTC) From: Dag-Erling Smørgrav <des@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r252338 - head/crypto/openssh Message-ID: <201306280941.r5S9fx73099738@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: des Date: Fri Jun 28 09:41:59 2013 New Revision: 252338 URL: http://svnweb.freebsd.org/changeset/base/252338 Log: r251088 reverted the default value for UsePrivilegeSeparation from "sandbox" to "yes", but did not update the documentation to match. Modified: head/crypto/openssh/sshd_config head/crypto/openssh/sshd_config.5 Modified: head/crypto/openssh/sshd_config ============================================================================== --- head/crypto/openssh/sshd_config Fri Jun 28 07:51:12 2013 (r252337) +++ head/crypto/openssh/sshd_config Fri Jun 28 09:41:59 2013 (r252338) @@ -105,7 +105,7 @@ #PrintLastLog yes #TCPKeepAlive yes #UseLogin no -#UsePrivilegeSeparation sandbox +#UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 Modified: head/crypto/openssh/sshd_config.5 ============================================================================== --- head/crypto/openssh/sshd_config.5 Fri Jun 28 07:51:12 2013 (r252337) +++ head/crypto/openssh/sshd_config.5 Fri Jun 28 09:41:59 2013 (r252338) @@ -1169,7 +1169,7 @@ the privilege of the authenticated user. The goal of privilege separation is to prevent privilege escalation by containing any corruption within the unprivileged processes. The default is -.Dq sandbox . +.Dq yes . If .Cm UsePrivilegeSeparation is set to
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201306280941.r5S9fx73099738>