author Ben Lindstrom <mouring@eviladmin.org> 2002-03-22 02:37:50 +0000
committer Ben Lindstrom <mouring@eviladmin.org> 2002-03-22 02:37:50 +0000
commit 191c8e5eb92bd482ad7444a4287fea0bae57af25
tree 02ec25d09d12f1802e14f520a87165c693e3b12c
parent 000dda537329dc06e00d28a5c0bd5234d69e1863
- provos@cvs.openbsd.org 2002/03/18 17:59:09
[sshd.8] document UsePrivilegeSeparation
-rw-r--r-- ChangeLog 5
-rw-r--r-- sshd.8 16
2 files changed, 18 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index 771eca95..df05e15a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -68,6 +68,9 @@
- provos@cvs.openbsd.org 2002/03/18 17:53:08
[sshd.8]
credits for privsep
+ - provos@cvs.openbsd.org 2002/03/18 17:59:09
+ [sshd.8]
+ document UsePrivilegeSeparation
20020317
- (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is wanted,
@@ -7914,4 +7917,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
-$Id: ChangeLog,v 1.1944 2002/03/22 02:33:12 mouring Exp $
+$Id: ChangeLog,v 1.1945 2002/03/22 02:37:50 mouring Exp $
diff --git a/sshd.8 b/sshd.8
index e71ba3cb..3e94660d 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd.8,v 1.171 2002/03/18 17:53:08 provos Exp $
+.\" $OpenBSD: sshd.8,v 1.172 2002/03/18 17:59:09 provos Exp $
.Dd September 25, 1999
.Dt SSHD 8
.Os
@@ -839,7 +839,19 @@ will be disabled because
.Xr login 1
does not know how to handle
.Xr xauth 1
-cookies.
+cookies. If
+.Cm UsePrivilegeSeparation
+is specified, it will be disabled after authentication.
+.It Cm UsePrivilegeSeparation
+Specifies whether
+.Nm
+separated privileges by creating an unprivileged child process
+to deal with incoming network traffic. After successful authentication,
+another process will be created that has the privilege of the authenticated
+user. The goal of privilege separation is to prevent privilege
+escalation by containing any corruption within the unprivileged processes.
+The default is
+.Dq no .
.It Cm VerifyReverseMapping
Specifies whether
.Nm
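Review bot: In the new UsePrivilegeSeparation entry, "Specifies whether .Nm separated privileges" should read "separates privileges", matching the present tense used by the neighbouring "Specifies whether" entries. The sentence appended after "cookies." ("If UsePrivilegeSeparation is specified, it will be disabled after authentication.") has an ambiguous "it": the reader cannot tell whether the option described above or privilege separation itself is what gets disabled, and for a security control that distinction matters, so name the subject explicitly. The added text also starts sentences mid-line ("cookies. If", "traffic. After", "user. The goal"); mdoc source conventionally puts each new sentence on its own line so that sentence spacing renders correctly.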