Leonardo Rodrigues Magalhães wrote:
>
>
> Amos Jeffries escreveu:
>>
>>> cache_effective_group squid
>>
>> whack!
>> Please don't use this.
>
> why not ???? i'm curious why not use that :)
>
It sets the squid security group GID to that group. Regardless of what
the system has configured.
While the UID/GID pair must still be linked at the OS level. It does
very effectively prevent squid accessing other resources (such as
SELinux service groups, winbind auth privileges, shared logging groups,
etc) which the system admin might need to give Squid access.
For people who don't need to use it explicitly or overlook how it works,
it produces some weird permission side effects they don't usually expect.
Amos
-- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE13 Current Beta Squid 3.1.0.5Received on Wed Feb 11 2009 - 13:54:11 MST
This archive was generated by hypermail 2.2.0 : Wed Feb 11 2009 - 12:00:01 MST