Date: Thu, 19 Feb 1998 11:39:42 +0000 From: Karl Pielorz <kpielorz@tdx.co.uk> To: Alik Yuswanto <alik@sby.globalinfo.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Running Squid as root Message-ID: <34EC19FE.4FE651A0@tdx.co.uk> References: <01bd3d26$ee746920$d4a9cda7@Ws3-sby.Ywcn-sby>
next in thread | previous in thread | raw e-mail | index | archive | help
Squid offers a service (usually on an unprivileged TCP port, e.g. 8080) to the masses, and it's quite big (and hence probably has bugs - which may or may not be known or exploitable). There's a lot less damage going to be done if someone manages to exploit it - and it's running as 'squid', rather than if it was running as 'root'. (Imagine they pursuade it to write your /etc/rc.conf file or something? - if it's running as 'squid' the write will fail, if it's running as 'root' - it may succeeded). In short, I always try to run it as 'squid' or some other low-level access user... I see it as good practice... Others may disagree I guess... Regards, Karl Pielorz Alik Yuswanto wrote: > > Greetings, > Could somebody tell me what is the advantages or disadvantages of running > squid as root? > Do I have to run always as user squid? > Thanks in advance. > > ~Alik > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?34EC19FE.4FE651A0>