Disable /usr/bin/ssh being setuid root by default. Let the variable

ENABLE_SUID_SSH being defined reenable it for those that want it. This follows discussion favoring the change from September. It is not usually necessary to be setuid root, possibly less safe, and less convenient (cannot use $HOSTALIASES, for example). Submitted by: jedgar
author: green <green@FreeBSD.org> 2000-11-14 04:42:25 +0000
committer: green <green@FreeBSD.org> 2000-11-14 04:42:25 +0000
commit: dd707cf4f4cf45baef6b39d771ff24434e498e87 (patch)
tree: c670dcf80739c55a1ce536e1eca86a05318079ce /secure
parent: 0bc5843790af30eda24f862c34d78495bf8fec50 (diff)
download: FreeBSD-src-dd707cf4f4cf45baef6b39d771ff24434e498e87.zip
FreeBSD-src-dd707cf4f4cf45baef6b39d771ff24434e498e87.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/secure/usr.bin/ssh/Makefile b/secure/usr.bin/ssh/Makefile
index 10dcbf0..0b99611 100644
--- a/secure/usr.bin/ssh/Makefile
+++ b/secure/usr.bin/ssh/Makefile
@@ -5,7 +5,9 @@ SSHSRC=	${.CURDIR}/../../../crypto/openssh
 
 PROG=	ssh
 BINOWN=	root
+.if defined(ENABLE_SUID_SSH)
 BINMODE=4555
+.endif
 MAN1=	ssh.1
 LINKS=	${BINDIR}/ssh ${BINDIR}/slogin
 MLINKS=	ssh.1 slogin.1
author	green <green@FreeBSD.org>	2000-11-14 04:42:25 +0000
committer	green <green@FreeBSD.org>	2000-11-14 04:42:25 +0000
commit	dd707cf4f4cf45baef6b39d771ff24434e498e87 (patch)
tree	c670dcf80739c55a1ce536e1eca86a05318079ce /secure
parent	0bc5843790af30eda24f862c34d78495bf8fec50 (diff)
download	FreeBSD-src-dd707cf4f4cf45baef6b39d771ff24434e498e87.zip FreeBSD-src-dd707cf4f4cf45baef6b39d771ff24434e498e87.tar.gz