diff options
author | des <des@FreeBSD.org> | 2013-05-29 00:19:58 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2013-05-29 00:19:58 +0000 |
commit | df51273aa9fb416de461f6a9508fe0a0b61dc46e (patch) | |
tree | 42739428b0d6b8f36059c60f47b1fa2aec072343 /crypto | |
parent | 213cb61b4e059207c0e5d0f4577595c46509d554 (diff) | |
download | FreeBSD-src-df51273aa9fb416de461f6a9508fe0a0b61dc46e.zip FreeBSD-src-df51273aa9fb416de461f6a9508fe0a0b61dc46e.tar.gz |
Revert a local change that sets the default for UsePrivilegeSeparation to
"sandbox" instead of "yes". In sandbox mode, the privsep child is unable
to load additional libraries and will therefore crash when trying to take
advantage of crypto offloading on CPUs that support it.
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/openssh/servconf.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/openssh/servconf.c b/crypto/openssh/servconf.c index ace75d3..a6aeea3 100644 --- a/crypto/openssh/servconf.c +++ b/crypto/openssh/servconf.c @@ -298,7 +298,7 @@ fill_default_server_options(ServerOptions *options) options->version_addendum = xstrdup(SSH_VERSION_FREEBSD); /* Turn privilege separation on by default */ if (use_privsep == -1) - use_privsep = PRIVSEP_ON; + use_privsep = PRIVSEP_NOSANDBOX; #ifndef HAVE_MMAP if (use_privsep && options->compression == 1) { |