Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 3 Mar 2014 22:47:43 +0100
From:      Dimitry Andric <dimitry@andric.com>
To:        John Baldwin <jhb@freebsd.org>
Cc:        src-committers@freebsd.org, Pawel Jakub Dawidek <pjd@FreeBSD.org>, svn-src-stable@freebsd.org, svn-src-all@freebsd.org, svn-src-stable-10@freebsd.org, =?iso-8859-1?Q?Dag-Erling_Sm=F8rgrav?= <des@FreeBSD.org>
Subject:   Re: svn commit: r262566 - in stable/10: crypto/openssh crypto/openssh/contrib/caldera crypto/openssh/contrib/cygwin crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-comp...
Message-ID:  <B69240EB-11C1-47F9-9D58-B42A40DDB094@andric.com>
In-Reply-To: <201403031536.33679.jhb@freebsd.org>
References:  <201402271729.s1RHT2rx075258@svn.freebsd.org> <201403031536.33679.jhb@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

--Apple-Mail=_CBC3B360-4D04-4FA9-BFAB-F0322AE98CD6
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

On 03 Mar 2014, at 21:36, John Baldwin <jhb@freebsd.org> wrote:
> On Thursday, February 27, 2014 12:29:02 pm Dag-Erling SmXXrgrav wrote:
>> Author: des
>> Date: Thu Feb 27 17:29:02 2014
>> New Revision: 262566
>> URL: http://svnweb.freebsd.org/changeset/base/262566
>>=20
>> Log:
>>  MFH (r261320): upgrade openssh to 6.5p1
>>  MFH (r261340): enable sandboxing by default
>=20
> Mails on stable@ suggest that this latter change may be a bit of a =
POLA=20
> violation as if people are using a custom kernel configuration that =
doesn't=20
> include CAPSICUM they are now locked out of their boxes as sshd fails. =
 It=20
> seems that this is at least worth a note in UPDATING if not adding a=20=

> workaround to handle the case of a kernel without CAPSICUM.

Wouldn't it be enough to merge r261499 ("Fix installations that use
kernels without CAPABILITIES support") by pjd?

-Dimitry


--Apple-Mail=_CBC3B360-4D04-4FA9-BFAB-F0322AE98CD6
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename=signature.asc
Content-Type: application/pgp-signature;
	name=signature.asc
Content-Description: Message signed with OpenPGP using GPGMail

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)

iEYEARECAAYFAlMU+IgACgkQsF6jCi4glqPVrgCg6T1itIrxyezif62QRLrtKAp6
LY0AoLn8fqsxtojcxU0iG+xaX+Dypdk2
=9VPL
-----END PGP SIGNATURE-----

--Apple-Mail=_CBC3B360-4D04-4FA9-BFAB-F0322AE98CD6--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B69240EB-11C1-47F9-9D58-B42A40DDB094>