Fwd: privsep in ssh
Damien Miller
djm at shitei.mindrot.org
Mon Sep 22 15:55:34 EST 2003
On Mon, 22 Sep 2003, Russell Coker wrote:
> On Mon, 22 Sep 2003 15:44, Damien Miller wrote:
> > > #ifdef DISABLE_FD_PASSING
> > > if (1) {
> > > #else
> > > if (authctxt->pw->pw_uid == 0 || options.use_login) {
> > > #endif
> >
> > I think we should change this test to something like:
> >
> > if (!ALWAYS_POSTAUTH_PRIVSEP &&
> > (authctxt->pw->pw_uid == 0 || options.use_login ||
> > NEVER_POSTAUTH_PRIVSEP)) {
> >
> > Then we can set NEVER_POSTAUTH_PRIVSEP and ALWAYS_POSTAUTH_PRIVSEP (to 1)
> > in autoconf as appropriate.
> >
> > Comments?
>
> Sounds reasonable to me.
How can we unambiguously identify SELinux at ./configure time? Does it
return a different platform string?
-d
More information about the openssh-unix-dev
mailing list