Privilege separation
Dan Yefimov
dan at D00M.integrate.com.ru
Wed Oct 29 07:00:07 EST 2003
On Tue, 28 Oct 2003, Markus Friedl wrote:
> On Tue, Oct 28, 2003 at 07:59:47PM +0300, Dan Yefimov wrote:
> > Hello!
> > Please consider including the attached patch in the next release. It
> > allows one to drop privilege separation code while building openssh by using
> > '--disable-privsep' switch of configure script. If one doesn't use privilege
> > separation at all, why don't simply allow him to drop privilege separation
> > support completely?
>
> no, this won't happen. you could do this for every runtime option.
>
Please forgive me my importunity, but your answer seems unclear to me. What
exactly could I do for every runtime option? And what's the exact reason for
rejecting the patch? It simply introduces yet one configuration option allowing
one to not compile code he doesn't want to use anyway and hence reduce the
resulting executable size.
--
Sincerely Your, Dan.
More information about the openssh-unix-dev
mailing list