search for: platform_drop_sftp_server_priv

...e these look like the'd be useful is in the pre-auth > privsep sandbox... > Ok, please find attached a revised version. I've moved all of the pre-auth privsep bit into a new sandbox-solaris.c, and for the ssh-agent and sftp-server I've created the platform_drop_agent_privs() and platform_drop_sftp_server_privs() hooks which, if USE_SOLARIS_PRIVS is enabled then call out to the code that's now in openbsd-compat/port-solaris.c Does this look a bit better? The biggest annoyance I had is that now ssh-agent and sftp-server have to link against platform.o, and the easiest way to organise that seemed to b...

Hi, I'm not sure how interested anybody here is in this, but I've been working lately on getting rid of the horror that is SunSSH for some distros of Illumos (mostly SmartOS). One of the patches we're carrying around at the moment is one that simply drops fine-grained privileges in sshd, ssh-agent and sftp-server. Since the privilege dropping here is roughly equivalent to a more