> Hi all,
>
> i did a quick hack and patched Solaris privileges support into pinger.c
> from squid-2.6.STABLE18. This should allow to run pinger w/o setuid-root,
> while still being able to access ICMP-sockets. The $SQUID_USER gets the
> additional PRIV_NET_ICMPACCESS rights via:
> /usr/sbin/usermod -K defaultpriv=basic,net_icmpaccess $SQUID_USER
>
> While probably not so interesting for the general public, could someone
> with a bit more squid-code knowledge than me take a look at the patch?
> I just want to make sure i didn't inadvertedly break something else ;-)
>
> Thanks,
>
> Frank
>
Interesting and useful. Thank you.
Seeing as the new code is almost all in one block with a specific purpose.
I'd create a new function pingerSetPrivs() private to the pinger to do it
and call it just before pingerOpen() instead.
Amos
Received on Thu Jan 24 2008 - 13:25:28 MST
This archive was generated by hypermail pre-2.1.9 : Wed Jan 30 2008 - 12:00:09 MST