Date: Thu, 2 Aug 2001 18:13:38 +0200 From: "Karsten W. Rohrbach" <karsten@rohrbach.de> To: Mike Silbersack <silby@silby.com> Cc: "Nickolay A.Kritsky" <nkritsky@internethelp.ru>, security@FreeBSD.ORG Subject: Re: accounting with ipfw (gid, uid riles) Message-ID: <20010802181338.A51621@mail.webmonster.de> In-Reply-To: <20010801184239.I63961-100000@achilles.silby.com>; from silby@silby.com on Wed, Aug 01, 2001 at 06:46:15PM -0500 References: <20010801180155.A24106@mail.webmonster.de> <20010801184239.I63961-100000@achilles.silby.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--EeQfGwPcQSOJBaQU Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Mike Silbersack(silby@silby.com)@2001.08.01 18:46:15 +0000: >=20 > On Wed, 1 Aug 2001, Karsten W. Rohrbach wrote: >=20 > > Mike Silbersack(silby@silby.com)@2001.07.31 17:54:18 +0000: >=20 > > > I'm not familiar with how squid acts, but your idea sounds good to me. > > > Tell us how it works. :) > > > > eh? > > > > AFAIK the entity that creates the socket owns it. > > to bind ports <1024 this entity has to be root. >=20 > Heh, by "tell us how it works", I meant "test it out and tell us how well > it works in practice." :) >=20 > I guess we'll have to wait to hear back from Nickolay. no ;-) read on... root@WM:datasink[/usr/local/squid/logs]41# cat /opt/service/squid/run=20 #!/bin/sh ## run file for squid process PATH=3D/usr/local/bin:/usr/local/sbin:/usr/bin:/bin export PATH exec 2>&1 exec setuidgid squid /usr/local/sbin/squid -YN root@WM:datasink[/usr/local/squid/logs]42# sockstat -l4| grep ^squid =20 squid squid 64788 14 tcp4 *:3128 *:* = =20 squid squid 64788 15 udp4 *:3130 *:*=20 in other words: it fkn works this is tested with daemontools-0.70 and squid-2.4STABLE1 (2.4_4 port) *grin* /k >=20 > Mike "Silby" Silbersack >=20 >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message --=20 > Captain Hook died of jock itch. KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.n= et/ karsten&rohrbach.de -- alpha&ngenn.net -- alpha&scene.org -- catch@spam.de GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 B= F46 Please do not remove my address from To: and Cc: fields in mailing lists. 1= 0x --EeQfGwPcQSOJBaQU Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7aXwyM0BPTilkv0YRAvR+AJ9D7DBVkgPBbZmzB1En7Ne2+cQ7wACbBz/1 Y+Iw3vst0nCj7fTCoBYUZkc= =AHhi -----END PGP SIGNATURE----- --EeQfGwPcQSOJBaQU-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010802181338.A51621>