fix run-time under the new "privilege separation" world order

openssh/openssh.spec

@@ -44,7 +44,7 @@ Distribution: OpenPKG [REL]
 Group:        Cryptography
 License:      BSD
 Version:      3.3p1
-Release:      20020622
+Release:      20020625
 
 #   list of sources
 Source0:      ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
@@ -145,7 +145,9 @@ AutoReqProv:  no
           --disable-suid-ssh \
           --without-rsh \
           --with-mantype=man \
-          --with-default-path=%{l_prefix}/bin:/bin:/usr/bin:/usr/local/bin
+          --with-default-path=%{l_prefix}/bin:/bin:/usr/bin:/usr/local/bin \
+          --with-privsep-user=%{l_nusr} \
+          --with-privsep-path=%{l_prefix}/var/openssh
 
       #   build package
       %{l_make} %{l_mflags -O}

openssh/sshd_config

@@ -30,6 +30,7 @@ KeepAlive                yes
 X11Forwarding            no
 GatewayPorts             no
 
+UsePrivilegeSeparation   yes
 LoginGraceTime           600
 MaxStartups              10:30:60
 PermitRootLogin          yes