From 5794e02a5ac98503d6a7a66249d68dbd1c100388 Mon Sep 17 00:00:00 2001
From: des <des@FreeBSD.org>
Date: Fri, 28 Jun 2013 09:41:59 +0000
Subject: r251088 reverted the default value for UsePrivilegeSeparation from
 "sandbox" to "yes", but did not update the documentation to match.

---
 crypto/openssh/sshd_config   | 2 +-
 crypto/openssh/sshd_config.5 | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'crypto')

diff --git a/crypto/openssh/sshd_config b/crypto/openssh/sshd_config
index cfd2bda..6e30637 100644
--- a/crypto/openssh/sshd_config
+++ b/crypto/openssh/sshd_config
@@ -105,7 +105,7 @@
 #PrintLastLog yes
 #TCPKeepAlive yes
 #UseLogin no
-#UsePrivilegeSeparation sandbox
+#UsePrivilegeSeparation yes
 #PermitUserEnvironment no
 #Compression delayed
 #ClientAliveInterval 0
diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5
index 3f34bed..5e3e289 100644
--- a/crypto/openssh/sshd_config.5
+++ b/crypto/openssh/sshd_config.5
@@ -1169,7 +1169,7 @@ the privilege of the authenticated user.
 The goal of privilege separation is to prevent privilege
 escalation by containing any corruption within the unprivileged processes.
 The default is
-.Dq sandbox .
+.Dq yes .
 If
 .Cm UsePrivilegeSeparation
 is set to
-- 
cgit v1.1