[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: squid proxy authentication.
- To: Ariel Biener <ariel(at-nospam)fireball.tau.ac.il>
- Subject: Re: squid proxy authentication.
- From: Alon Barzilai <alon(at-nospam)skyline.co.il>
- Date: Tue, 17 Jul 2001 13:42:40 +0200
- CC: Oded Arbel <odeda-linux-il(at-nospam)betalfa.org.il>, Linux-IL mailing list <linux-il(at-nospam)cs.huji.ac.il>
- References: <Pine.LNX.4.21_heb2.09.0107171326040.17091-100000@fireball.tau.ac.il>
- Sender: linux-il-bounce(at-nospam)cs.huji.ac.il
ok, thanks,
I put my shadow file on even odder place.
Alon
Ariel Biener wrote:
>
> On Tue, 17 Jul 2001, Oded Arbel wrote:
>
> > Security wise , isn't this the same thing ?
>
> No... Usually `sploit sc33ptz are looking for known things, like
> /etc/shadow for example. If you put a file in /usr/local/squid/etc, owned
> and readable by squid only, no exploit script knows it's there.
>
> If someone has physical access to your machine, but doesn't have root,
> again, he/she will be able to read a world readable /etc/shadow, but not a
> squid owned and squid readable /usr/local/squid/etc/passwd
>
> ..
>
> --Ariel
>
> --
> Ariel Biener
> e-mail: ariel@post.tau.ac.il
> PGP(6.5.8) public key http://www.tau.ac.il/~ariel/pgp.html
>
> =================================================================
> To unsubscribe, send mail to linux-il-request@linux.org.il with
> the word "unsubscribe" in the message body, e.g., run the command
> echo unsubscribe | mail linux-il-request@linux.org.il
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il