diff options
| -rw-r--r-- | usr.bin/ssh/servconf.c | 6 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh/Makefile | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/sshd.8 | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/sshd_config | 4 |
4 files changed, 9 insertions, 9 deletions
diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c index e0c94487c1d..6e314d0a14b 100644 --- a/usr.bin/ssh/servconf.c +++ b/usr.bin/ssh/servconf.c @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: servconf.c,v 1.109 2002/05/15 21:02:52 markus Exp $"); +RCSID("$OpenBSD: servconf.c,v 1.110 2002/05/15 21:56:38 markus Exp $"); #if defined(KRB4) || defined(KRB5) #include <krb.h> @@ -231,9 +231,9 @@ fill_default_server_options(ServerOptions *options) if (options->authorized_keys_file == NULL) options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; - /* Turn privilege separation _off_ by default */ + /* Turn privilege separation on by default */ if (use_privsep == -1) - use_privsep = 0; + use_privsep = 1; } /* Keyword tokens. */ diff --git a/usr.bin/ssh/ssh/Makefile b/usr.bin/ssh/ssh/Makefile index 57f769feb7f..e6562839f6f 100644 --- a/usr.bin/ssh/ssh/Makefile +++ b/usr.bin/ssh/ssh/Makefile @@ -1,11 +1,11 @@ -# $OpenBSD: Makefile,v 1.40 2002/05/15 21:02:53 markus Exp $ +# $OpenBSD: Makefile,v 1.41 2002/05/15 21:56:39 markus Exp $ .PATH: ${.CURDIR}/.. PROG= ssh BINOWN= root -BINMODE?=4555 +#BINMODE?=4555 BINDIR= /usr/bin MAN= ssh.1 diff --git a/usr.bin/ssh/sshd.8 b/usr.bin/ssh/sshd.8 index 632ed4109a6..f26d71a3837 100644 --- a/usr.bin/ssh/sshd.8 +++ b/usr.bin/ssh/sshd.8 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.181 2002/05/15 21:02:53 markus Exp $ +.\" $OpenBSD: sshd.8,v 1.182 2002/05/15 21:56:38 markus Exp $ .Dd September 25, 1999 .Dt SSHD 8 .Os @@ -844,7 +844,7 @@ another process will be created that has the privilege of the authenticated user. The goal of privilege separation is to prevent privilege escalation by containing any corruption within the unprivileged processes. The default is -.Dq no . +.Dq yes . .It Cm VerifyReverseMapping Specifies whether .Nm diff --git a/usr.bin/ssh/sshd_config b/usr.bin/ssh/sshd_config index 657d6919303..35af8ffbe90 100644 --- a/usr.bin/ssh/sshd_config +++ b/usr.bin/ssh/sshd_config @@ -1,4 +1,4 @@ -# $OpenBSD: sshd_config,v 1.53 2002/05/15 21:02:53 markus Exp $ +# $OpenBSD: sshd_config,v 1.54 2002/05/15 21:56:38 markus Exp $ # This is the sshd server system-wide configuration file. See sshd(8) # for more information. @@ -74,7 +74,7 @@ #PrintLastLog yes #KeepAlive yes #UseLogin no -#UsePrivilegeSeparation no +#UsePrivilegeSeparation yes #MaxStartups 10 # no default banner path |