svn commit: r262566 - in stable/10: crypto/openssh crypto/openssh/contrib/caldera crypto/openssh/contrib/cygwin crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-comp...
Pawel Jakub Dawidek
pjd at FreeBSD.org
Mon Mar 3 23:36:48 UTC 2014
On Mon, Mar 03, 2014 at 10:47:43PM +0100, Dimitry Andric wrote:
> On 03 Mar 2014, at 21:36, John Baldwin <jhb at freebsd.org> wrote:
> > On Thursday, February 27, 2014 12:29:02 pm Dag-Erling SmXXrgrav wrote:
> >> Author: des
> >> Date: Thu Feb 27 17:29:02 2014
> >> New Revision: 262566
> >> URL: http://svnweb.freebsd.org/changeset/base/262566
> >>
> >> Log:
> >> MFH (r261320): upgrade openssh to 6.5p1
> >> MFH (r261340): enable sandboxing by default
> >
> > Mails on stable@ suggest that this latter change may be a bit of a POLA
> > violation as if people are using a custom kernel configuration that doesn't
> > include CAPSICUM they are now locked out of their boxes as sshd fails. It
> > seems that this is at least worth a note in UPDATING if not adding a
> > workaround to handle the case of a kernel without CAPSICUM.
>
> Wouldn't it be enough to merge r261499 ("Fix installations that use
> kernels without CAPABILITIES support") by pjd?
Yes, my change should be definiately merged with OpenSSH merge. If
nobody beats me to it, I should be able to merge it tomorrow.
--
Pawel Jakub Dawidek http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am! http://mobter.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-src-all/attachments/20140304/2209a6ea/attachment.sig>
More information about the svn-src-all
mailing list