Date: Wed, 17 Jun 2009 12:37:58 +0100 From: RW <rwmaillists@googlemail.com> To: ports@freebsd.org Subject: Re: Safe to run squid_user=root ? Message-ID: <20090617123758.71143a96@gumby.homeunix.com> In-Reply-To: <6F3DA1E9-877B-438D-BE2A-D9800C210AA7@goldmark.org> References: <6F3DA1E9-877B-438D-BE2A-D9800C210AA7@goldmark.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 16 Jun 2009 22:48:17 -0500
Jeffrey Goldberg <jeffrey@goldmark.org> wrote:
> www/squid30 sets up an rc.d startup script that includes
>
> squid_user=${squid_user:-squid}
>
> This makes it impossible to get squid to listen on a port lower than
> 1024.
>
> If I specify
>
> squid_user=root
>
> in my rc.conf will I be doing something stupid? Does squid
> appropriately drop privileges after binding to a socket?
I don't use squid 3.x but it does in squid 2.x, look
for cache_effective_user and cache_effective_group in the default
configuration file.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090617123758.71143a96>