>>> Jason R Thorpe <thorpej@zembu.com> wrote

> On Tue, Feb 27, 2001 at 10:18:37PM +1100, matthew green wrote:
> 
>  > i believe it was judged that having ssh non-setuid was of more benefit to
>  > the default installation than supporting the *rhosts* authentication
>  > methods (which are disabled by default, in sshd.conf, anyway.)  in most
>  > cases, this is an unused feature of ssh that many people hold is *not* a
>  > feature but a bug.  there is a definiate convenience factor with the
>  > *rhosts* authentication methods, but these require setup anyway, and
>  > having the administrator enable the setuid bit is simply another part of
>  > this task.  this should probably be documented better...
> 
> Another SSH implementation is actually going to rip the rhosts
> stuff out altogether.

I suggest the setuid feature to be a build time option, like the
SSH_SUID in pkgsrc/mk/mk.conf.example, for people wants to use it.

-- Takeshi Nakayama