Re: cachemgr.cgi & security???

From: Martin Ibert <>
Date: Mon, 28 Oct 1996 07:47:26 +0100

Peter Olsson wrote:

> Please tell me I have gone completely crazy and this is impossible.
> Or what I can do about it.

You have gone completely crazy and this is impossible. At least not as
long as you put access control on the cache_object protocol.

As far as I understand things, things are meant to work as follows:

- Within squid, restrict access to the cache_object protocol to a host
  which you control.
- Within that host's HTTP server, restrict access to your cachemgr.cgi
  program as needed.

Then only you can get at the data, because only you can run the
cachemgr.cgi program on the trusted host, and squid won't honor requests
coming from other hosts.

Dipl.-Inform. Martin Ibert, BB-DATA GmbH, phone: +49-30-245-56582
Brunnenstraße 111, D-13355 Berlin, Germany, fax: +49-30-245-56577
Received on Sun Oct 27 1996 - 22:50:29 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:33:23 MST