Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Date: Thu, 19 Aug 2004 13:24:20 +0200 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: upgrading openssh 3.8.1p1-1 -> 3.9p1-1 breaks privilege separation Message-ID: <20040819112420.GC11920@cygbert.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: <87n00siknk DOT fsf AT beth DOT swift DOT xxx> <20040818152348 DOT GI10590 AT cygbert DOT vinschen DOT de> <4123ACA8 DOT 1010801 AT acm DOT org> <20040818215944 DOT GT10590 AT cygbert DOT vinschen DOT de> <4123D9A9 DOT 3000503 AT acm DOT org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4123D9A9.3000503@acm.org> User-Agent: Mutt/1.4.2i On Aug 18 15:35, David Rothenberger wrote: > Yes. As far as I know, everything is configured to use privilege > separation. But the fact that 3.9p1-1 worked for me without adding the > -r switch made me wonder whether sshd was really doing privilege > separation. Is there any debugging output that indicates privsep is in > use? Can I tell using ps? Is there any way to tell for sure that it is > being used? When stracing it, you'll see that two child processes are created by sshd. But the "privilege separated" process exits after it has done it's job so there's no additional process, except for a fraction of a second. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader mailto:cygwin AT cygwin DOT com Red Hat, Inc. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/