> From: danielrod@nts.co.jp [SMTP:danielrod@nts.co.jp]
>
> This is a very basic security question, I suppose.
>
> Can anyone tell me why squid should be run as another user and not root?
>
This applies to all programs that don't absolutely need root
status, not just squid. In particular, if someone were to
discover a buffer overrun bug in Squid and it runs as a user other
than root, they can only corrupt the files writeable to that user,
but if it runs a root, they can take over the whole machine.
It also applies to all general operations on a system that
don't need root status.
Received on Fri Jun 11 1999 - 04:42:37 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:46:50 MST