From owner-freebsd-security Wed Aug 1 16:49:10 2001 Delivered-To: freebsd-security@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with ESMTP id C7B1B37B405 for ; Wed, 1 Aug 2001 16:49:05 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 63985 invoked by uid 1000); 1 Aug 2001 23:49:05 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 1 Aug 2001 23:49:05 -0000 Date: Wed, 1 Aug 2001 18:49:05 -0500 (CDT) From: Mike Silbersack To: "Nickolay A.Kritsky" Cc: "Karsten W. Rohrbach" , Subject: Re[2]: accounting with ipfw (gid, uid riles) In-Reply-To: <79100794374.20010801171300@internethelp.ru> Message-ID: <20010801184745.M63961-100000@achilles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 1 Aug 2001, Nickolay A.Kritsky wrote: > ;------------------------------------------------------------------ > # TAG: cache_effective_user > # TAG: cache_effective_group > # > # If the cache is run as root, it will change its effective/real > # UID/GID to the UID/GID specified below. The default is to > # change to UID to nobody and GID to nogroup. > # > # If Squid is not started as root, the default is to keep the > # current UID/GID. Note that if Squid is not started as root then > # you cannot set http_port to a value lower than 1024. > # > #cache_effective_user nobody > #cache_effective_group nogroup This looks commented out to me, are you sure that it's actually changing to nobody? Also, you'll have to check to make sure that the listen is after the uid change for the accounting to work. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message