diff options
| author | Kevin Steves <stevesk@pobox.com> | 2002-04-07 19:22:54 +0000 |
|---|---|---|
| committer | Kevin Steves <stevesk@pobox.com> | 2002-04-07 19:22:54 +0000 |
| commit | 7ff911216bbc288869c6b8ce99cd812ead66b886 (patch) | |
| tree | 1046540d4cf19de550198d7d21b2fca00a70e901 | |
| parent | b1184bbf2931f064b5b38c3a0fe9440d02c67610 (diff) | |
- (stevesk) --with-privsep-user; default sshd
| -rw-r--r-- | ChangeLog | 3 | ||||
| -rw-r--r-- | acconfig.h | 5 | ||||
| -rw-r--r-- | configure.ac | 14 | ||||
| -rw-r--r-- | ssh.h | 2 |
4 files changed, 20 insertions, 4 deletions
@@ -7,6 +7,7 @@ monitor_mm.c - (stevesk) remove configure support for poll.h; it was removed from sshd.c a long time ago. + - (stevesk) --with-privsep-user; default sshd 20020406 - (djm) Typo in Suse SPEC file. Fix from Carsten Grohmann @@ -8197,4 +8198,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.2037 2002/04/07 18:12:03 stevesk Exp $ +$Id: ChangeLog,v 1.2038 2002/04/07 19:22:55 stevesk Exp $ @@ -1,4 +1,4 @@ -/* $Id: acconfig.h,v 1.128 2002/04/07 16:18:04 stevesk Exp $ */ +/* $Id: acconfig.h,v 1.129 2002/04/07 19:22:54 stevesk Exp $ */ #ifndef _CONFIG_H #define _CONFIG_H @@ -100,6 +100,9 @@ /* Builtin PRNG command timeout */ #undef ENTROPY_TIMEOUT_MSEC +/* non-privileged user for privilege separation */ +#undef SSH_PRIVSEP_USER + /* Define if you want to install preformatted manpages.*/ #undef MANTYPE diff --git a/configure.ac b/configure.ac index b3fa1867..10f238a2 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.38 2002/04/07 18:12:04 stevesk Exp $ +# $Id: configure.ac,v 1.39 2002/04/07 19:22:54 stevesk Exp $ AC_INIT AC_CONFIG_SRCDIR([ssh.c]) @@ -993,9 +993,19 @@ AC_ARG_WITH(entropy-timeout, fi ] ) - AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout) +ssh_privsep_user=sshd +AC_ARG_WITH(privsep-user, + [ --with-privsep-user Specify non-privileged user for privilege separation], + [ + if test -n "$withval"; then + ssh_privsep_user=$withval + fi + ] +) +AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, $ssh_privsep_user) + # We do this little dance with the search path to insure # that programs that we select for use by installed programs # (which may be run by the super-user) come from trusted @@ -104,7 +104,9 @@ * sshd will change its pivileges to this user and its * primary group. */ +#ifndef SSH_PRIVSEP_USER #define SSH_PRIVSEP_USER "nobody" +#endif /* Minimum modulus size (n) for RSA keys. */ #define SSH_RSA_MINIMUM_MODULUS_SIZE 768 |