|author||Damien Miller <email@example.com>||2003-11-21 23:48:55 +1100|
|committer||Damien Miller <firstname.lastname@example.org>||2003-11-21 23:48:55 +1100|
- email@example.com 2003/11/21 11:57:03
[everything] unexpand and delete whitespace at EOL; ok markus@ (done locally and RCS IDs synced)
Diffstat (limited to 'README.privsep')
1 files changed, 6 insertions, 6 deletions
diff --git a/README.privsep b/README.privsep
index 64adad83..9d48bbcf 100644
@@ -1,15 +1,15 @@
Privilege separation, or privsep, is method in OpenSSH by which
operations that require root privilege are performed by a separate
privileged monitor process. Its purpose is to prevent privilege
-escalation by containing corruption to an unprivileged process.
+escalation by containing corruption to an unprivileged process.
More information is available at:
Privilege separation is now enabled by default; see the
UsePrivilegeSeparation option in sshd_config(5).
-On systems which lack mmap or anonymous (MAP_ANON) memory mapping,
-compression must be disabled in order for privilege separation to
+On systems which lack mmap or anonymous (MAP_ANON) memory mapping,
+compression must be disabled in order for privilege separation to
When privsep is enabled, during the pre-authentication phase sshd will
@@ -38,9 +38,9 @@ privsep user and chroot directory:
Privsep requires operating system support for file descriptor passing.
Compression will be disabled on systems without a working mmap MAP_ANON.
-PAM-enabled OpenSSH is known to function with privsep on Linux.
+PAM-enabled OpenSSH is known to function with privsep on Linux.
It does not function on HP-UX with a trusted system
On Compaq Tru64 Unix, only the pre-authentication part of privsep is
supported. Post-authentication privsep is disabled automatically (so
@@ -61,4 +61,4 @@ process 1005 is the sshd process listening for new connections.
process 6917 is the privileged monitor process, 6919 is the user owned
sshd process and 6921 is the shell process.
-$Id: README.privsep,v 1.12 2003/08/26 00:48:15 djm Exp $
+$Id: README.privsep,v 1.13 2003/11/21 12:48:55 djm Exp $