svn commit: r252338 - head/crypto/openssh
Dag-Erling Smørgrav
des at FreeBSD.org
Fri Jun 28 09:41:59 UTC 2013
Author: des
Date: Fri Jun 28 09:41:59 2013
New Revision: 252338
URL: http://svnweb.freebsd.org/changeset/base/252338
Log:
r251088 reverted the default value for UsePrivilegeSeparation from
"sandbox" to "yes", but did not update the documentation to match.
Modified:
head/crypto/openssh/sshd_config
head/crypto/openssh/sshd_config.5
Modified: head/crypto/openssh/sshd_config
==============================================================================
--- head/crypto/openssh/sshd_config Fri Jun 28 07:51:12 2013 (r252337)
+++ head/crypto/openssh/sshd_config Fri Jun 28 09:41:59 2013 (r252338)
@@ -105,7 +105,7 @@
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
-#UsePrivilegeSeparation sandbox
+#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
Modified: head/crypto/openssh/sshd_config.5
==============================================================================
--- head/crypto/openssh/sshd_config.5 Fri Jun 28 07:51:12 2013 (r252337)
+++ head/crypto/openssh/sshd_config.5 Fri Jun 28 09:41:59 2013 (r252338)
@@ -1169,7 +1169,7 @@ the privilege of the authenticated user.
The goal of privilege separation is to prevent privilege
escalation by containing any corruption within the unprivileged processes.
The default is
-.Dq sandbox .
+.Dq yes .
If
.Cm UsePrivilegeSeparation
is set to
More information about the svn-src-head
mailing list