Date: 02 Jul 2002 01:59:47 +0200 From: Dag-Erling Smorgrav <des@ofug.org> To: audit@freebsd.org Subject: Full OpenSSH patch for -STABLE Message-ID: <xzp8z4vdmoc.fsf@flood.ping.uio.no>
next in thread | raw e-mail | index | archive | help
I won't post this one, it's 2.5 MB. You can get it online at: http://people.freebsd.org/~des/software/openssh-20020701.diff Notes: - Privilege separation is disabled as it breaks Kerberos ticket passing and possibly other features upon which at least some -STABLE users depend. I will enable privsep once the Kerberos issue (and any other issues that may crop up) have been resolved, which probably means "some time after the next OpenSSH release". - The patch updates some PAM modules, and changes pam_std_option() in a way that breaks the PAM library / module interface, though only FreeBSD's own modules are affected since pam_std_option() is a FreeBSD hack. This should make PAM much more useful in -STABLE, particularly as applies to OpenSSH, without going all the way and converting the entire userland to PAM like I've done in -CURRENT. - The patch is not 100% complete; there are still a few nits like what value to pick for VersionAddendum (since this version will not be entirely identical to the one in -CURRENT) and I'm not entirely done fixing pam_ssh(8). DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzp8z4vdmoc.fsf>