Revert a local change that sets the default for UsePrivilegeSeparation to

"sandbox" instead of "yes". In sandbox mode, the privsep child is unable to load additional libraries and will therefore crash when trying to take advantage of crypto offloading on CPUs that support it.
author: des <des@FreeBSD.org> 2013-05-29 00:19:58 +0000
committer: des <des@FreeBSD.org> 2013-05-29 00:19:58 +0000
commit: df51273aa9fb416de461f6a9508fe0a0b61dc46e (patch)
tree: 42739428b0d6b8f36059c60f47b1fa2aec072343 /crypto/openssh/servconf.c
parent: 213cb61b4e059207c0e5d0f4577595c46509d554 (diff)
download: FreeBSD-src-df51273aa9fb416de461f6a9508fe0a0b61dc46e.zip
FreeBSD-src-df51273aa9fb416de461f6a9508fe0a0b61dc46e.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/openssh/servconf.c b/crypto/openssh/servconf.c
index ace75d3..a6aeea3 100644
--- a/crypto/openssh/servconf.c
+++ b/crypto/openssh/servconf.c
@@ -298,7 +298,7 @@ fill_default_server_options(ServerOptions *options)
 		options->version_addendum = xstrdup(SSH_VERSION_FREEBSD);
 	/* Turn privilege separation on by default */
 	if (use_privsep == -1)
-		use_privsep = PRIVSEP_ON;
+		use_privsep = PRIVSEP_NOSANDBOX;
 
 #ifndef HAVE_MMAP
 	if (use_privsep && options->compression == 1) {
author	des <des@FreeBSD.org>	2013-05-29 00:19:58 +0000
committer	des <des@FreeBSD.org>	2013-05-29 00:19:58 +0000
commit	df51273aa9fb416de461f6a9508fe0a0b61dc46e (patch)
tree	42739428b0d6b8f36059c60f47b1fa2aec072343 /crypto/openssh/servconf.c
parent	213cb61b4e059207c0e5d0f4577595c46509d554 (diff)
download	FreeBSD-src-df51273aa9fb416de461f6a9508fe0a0b61dc46e.zip FreeBSD-src-df51273aa9fb416de461f6a9508fe0a0b61dc46e.tar.gz