On Tuesday 25 June 2002 02.22, Ben Reser wrote: > On Tue, Jun 25, 2002 at 01:59:37AM +0200, Oden Eriksson wrote: > > Great! Is it system wide or per user (root) based? > > > > Oh.., I found another missing file in the openssh package (+ some minor > > fixes), a patch is attached. > > Dumb question but why are we using /var/empty/sshd? /var/empty just > needs to be an empty directory with nothing in it. ssh chroot's to it > so that it doesn't have access to anything as root. No reason why other > apps couldn't share this directory.
Hmm... Frankly..., I don't know. I guess you're right. I didn't hear about the "Privilege Separation" thing until today, so it's brand spankin' new to me. -- Regards // Oden Eriksson Deserve-IT Networks -> http://d-srv.com