
Re: squid proxy authentication.



On Tue, 17 Jul 2001, Oded Arbel wrote:

> Security-wise, isn't this the same thing?

No... Usually `sploit sc33ptz are looking for known things, like
/etc/shadow for example. If you put a file in /usr/local/squid/etc, owned
and readable by squid only, no exploit script knows it's there.

If someone has physical access to your machine, but doesn't have root,
again, he/she will be able to read a world-readable /etc/shadow, but not a
squid-owned and squid-readable /usr/local/squid/etc/passwd.

..

--Ariel

--
Ariel Biener
e-mail: ariel@post.tau.ac.il
PGP(6.5.8) public key http://www.tau.ac.il/~ariel/pgp.html
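
A check for the permission setup described in the message above, added here as an example and not part of the original post. The helper name `audit_pwfile` is hypothetical, and the script assumes GNU `stat` (Linux).

```shell
#!/bin/sh
# Added example: verify that a proxy password file is owned by the expected
# account and grants nothing to group or other.
# Assumptions: GNU stat; audit_pwfile is a hypothetical helper name.
#
# Usage: audit_pwfile FILE OWNER      (OWNER is a user name or a numeric uid)
#   e.g. audit_pwfile /usr/local/squid/etc/passwd squid
# Returns 0 when the file passes, 1 (with one line per finding) otherwise.
audit_pwfile() {
    file=$1
    owner=$2
    rc=0

    # Reject symlinks and non-regular files: a link's own mode says nothing
    # about who can read the data it points to.
    if [ -L "$file" ] || [ ! -f "$file" ]; then
        echo "FAIL: $file is not a regular file"
        return 1
    fi

    # Resolve a user name to a uid; accept a numeric uid as given.
    case $owner in
        ''|*[!0-9]*) want_uid=$(id -u "$owner" 2>/dev/null) || {
                         echo "FAIL: unknown user '$owner'"; return 1; } ;;
        *)           want_uid=$owner ;;
    esac

    have_uid=$(stat -c %u "$file")
    mode=$(stat -c %a "$file")          # octal, e.g. 600 or 644

    if [ "$have_uid" != "$want_uid" ]; then
        echo "FAIL: $file owned by uid $have_uid, expected $want_uid"
        rc=1
    fi

    # Mask the group and other permission bits (octal 077); any set bit
    # means an account other than the owner can touch the file.
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "FAIL: $file mode $mode grants group/other access"
        rc=1
    fi

    if [ "$rc" -eq 0 ]; then
        echo "OK: $file (uid $have_uid, mode $mode)"
    fi
    return "$rc"
}
```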

