Fwd: privsep in ssh
Damien Miller
djm at shitei.mindrot.org
Mon Sep 22 15:44:58 EST 2003
> #ifdef DISABLE_FD_PASSING
> if (1) {
> #else
> if (authctxt->pw->pw_uid == 0 || options.use_login) {
> #endif
I think we should change this test to something like:
if (!ALWAYS_POSTAUTH_PRIVSEP &&
(authctxt->pw->pw_uid == 0 || options.use_login ||
NEVER_POSTAUTH_PRIVSEP)) {
Then we can set NEVER_POSTAUTH_PRIVSEP and ALWAYS_POSTAUTH_PRIVSEP (to 1)
in autoconf as appropriate.
Comments?
-d
More information about the openssh-unix-dev
mailing list