Oskar Pearson wrote:
> The change-uids stuff made me think that things were pretty safe...
> but it's not the case. I am sure that lots of other people think that
> it's safe. A simple "it's not safe to have write permission to this
> file" at the top of the config would make me happier.
The change-uids stuff is defenitely NOT safe. Squid always retains it's
startup privilegies to be able to reconfigure itself, and anyone
suceeding in hacking Squid in any way (including from the network) will
get root privs if Squid is started as root.
/Henrik
Received on Tue Jul 29 2003 - 13:15:58 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:12:08 MST