Date: 2 Jan 1999 04:45:57 +0900 From: sada@FreeBSD.ORG To: peter@netplex.com.au Cc: ports@FreeBSD.ORG, sada@FreeBSD.ORG Subject: Re: ports/www/squid11 Message-ID: <19990101194557.17225.qmail@rr.iij4u.or.jp> In-Reply-To: Your message of "Sat, 2 Jan 1999 02:28:59 JST". <199901011729.BAA97168@spinner.netplex.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
>> It really should be running as a unique uid so that it doesn't have to >> share resource limits with things like fingerd, apache etc. You can cause >> a fair amount of chaos by finger bombing a site that is sharing the nobody >> uid with other things that then suffer because they can't create processes >> when they need to. The other thing is that uid "nobody" isn't really >> supposed to own any files at all.. However, I've been too lazy to write a >> useradd type hook for squid. May I handle that work? (for www/squid21 would be better?) >> Note that installing squid with default options is rather bad.. It allows >> relaying globally, among other things. Things like the acl's need to be >> set, things like a user and the cache_effecive_user things are pretty >> small compared to that. Squid 2.1 BTW, default's to a closed access list >> and requires the user to edit in their own address masks that they want to >> allow access to. But I think that starting the editor for the setup file wouldn't promise user's correct configurations. People who knows what to do for the system would check the documentations and setup without such help of ports. At least, it would not be needed when `squid.conf' already exists. If you really thought that editing squid.conf at the installation time is necessity, squid port shoud be an interactive port by setting IS_INTERACTIVE. Many ports need configuration work after the installation, but doesn't start the editor. Notifying the user some advices would be enough. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990101194557.17225.qmail>