Disable /usr/bin/ssh being setuid root by default. Let the variable

ENABLE_SUID_SSH being defined reenable it for those that want it.

This follows discussion favoring the change from September.  It
is not usually necessary to be setuid root, possibly less safe,
and less convenient (cannot use $HOSTALIASES, for example).

Submitted by:	jedgar

3 files changed, 8 insertions, 0 deletions

diff --git a/etc/defaults/make.conf b/etc/defaults/make.conf
index 18a5a5e..bf2918a 100644
--- a/etc/defaults/make.conf
+++ b/etc/defaults/make.conf
@@ -57,6 +57,9 @@ BDECFLAGS=	-W -Wall -ansi -pedantic -Wbad-function-cast -Wcast-align \
 # To build ppp with normal permissions
 #PPP_NOSUID=	true
 #
+# To enable installing ssh(1) with the setuid bit turned on
+#ENABLE_SUID_SSH=	true
+#
 # To avoid building various parts of the base system:
 #NO_CVS=	true	# do not build CVS
 #NO_BIND=	true	# do not build BIND
diff --git a/secure/usr.bin/ssh/Makefile b/secure/usr.bin/ssh/Makefile
index 10dcbf0..0b99611 100644
--- a/secure/usr.bin/ssh/Makefile
+++ b/secure/usr.bin/ssh/Makefile
@@ -5,7 +5,9 @@ SSHSRC=	${.CURDIR}/../../../crypto/openssh
 
 PROG=	ssh
 BINOWN=	root
+.if defined(ENABLE_SUID_SSH)
 BINMODE=4555
+.endif
 MAN1=	ssh.1
 LINKS=	${BINDIR}/ssh ${BINDIR}/slogin
 MLINKS=	ssh.1 slogin.1
diff --git a/share/examples/etc/make.conf b/share/examples/etc/make.conf
index 18a5a5e..bf2918a 100644
--- a/share/examples/etc/make.conf
+++ b/share/examples/etc/make.conf
@@ -57,6 +57,9 @@ BDECFLAGS=	-W -Wall -ansi -pedantic -Wbad-function-cast -Wcast-align \
 # To build ppp with normal permissions
 #PPP_NOSUID=	true
 #
+# To enable installing ssh(1) with the setuid bit turned on
+#ENABLE_SUID_SSH=	true
+#
 # To avoid building various parts of the base system:
 #NO_CVS=	true	# do not build CVS
 #NO_BIND=	true	# do not build BIND