Date: Tue, 16 Jun 2009 22:48:17 -0500 From: Jeffrey Goldberg <jeffrey@goldmark.org> To: FreeBSD Ports List <freebsd-ports@FreeBSD.org> Subject: Safe to run squid_user=root ? Message-ID: <6F3DA1E9-877B-438D-BE2A-D9800C210AA7@goldmark.org>
next in thread | raw e-mail | index | archive | help
www/squid30 sets up an rc.d startup script that includes
squid_user=${squid_user:-squid}
This makes it impossible to get squid to listen on a port lower than
1024.
If I specify
squid_user=root
in my rc.conf will I be doing something stupid? Does squid
appropriately drop privileges after binding to a socket?
The background for this is that I want to set up a proxy to listen on
port 70 (yes that is gopher). There is a bit of a move afoot to set
up proxies to allow people from Iran to get to sites like twitter and
facebook which are currently being blocked by the Iranian government.
They have just started blocking things to destination ports like 8080
and 3128.
FreeBSD 7-STABLE, www/squid30
Cheers,
-j
--
Jeffrey Goldberg http://www.goldmark.org/jeff/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6F3DA1E9-877B-438D-BE2A-D9800C210AA7>