RE: Why should squid not be run as root?

From: Dave J Woolley <DJW@dont-contact.us>
Date: Fri, 11 Jun 1999 11:41:27 +0100

> From: danielrod@nts.co.jp [SMTP:danielrod@nts.co.jp]
>
> This is a very basic security question, I suppose.
>
> Can anyone tell me why squid should be run as another user and not root?
>
        This applies to all programs that don't absolutely need root
        status, not just squid. In particular, if someone were to
        discover a buffer overrun bug in Squid and it runs as a user other
        than root, they can only corrupt the files writeable to that user,
        but if it runs as root, they can take over the whole machine.

        It also applies to all general operations on a system that
        don't need root status.
Received on Fri Jun 11 1999 - 04:42:37 MDT
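
An added example, not part of the original message and not Squid's own code: one way a daemon that has to start as root can give up root permanently before it touches untrusted input, so that a memory-corruption bug only yields the unprivileged account. The helper name drop_privileges and the uid/gid 65534 are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper (not from Squid): switch permanently to uid/gid.
 * Returns 0 only if the process can no longer become root again. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (uid == 0)
        return -1;                  /* target is root: nothing would be dropped */

    if (geteuid() == 0) {
        /* Clear inherited supplementary groups while still root;
         * after setuid() the process may no longer change them. */
        if (setgroups(1, &gid) != 0)
            return -1;
    }
    /* gid before uid: once the uid is gone, setgid() would be refused.
     * Without root these calls only succeed for ids we already hold. */
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)           /* as root: sets real, effective and saved uid */
        return -1;

    /* Never trust the return codes alone: check the resulting ids ... */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;
    /* ... and confirm that root cannot be regained. */
    if (setuid(0) == 0)
        return -1;
    return 0;
}

int main(void)
{
    /* 65534 is a constructed sample id (often "nobody"); a real daemon
     * would look up its dedicated service account instead. */
    if (drop_privileges(65534, 65534) != 0) {
        fprintf(stderr, "could not drop privileges, refusing to continue\n");
        return 1;
    }
    printf("now running as uid=%d gid=%d\n", (int)getuid(), (int)getgid());
    return 0;
}
```
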
