Marc van Selm wrote:
> You could integrate squid in a firewall setup (Is that wise?
> I guess not.)
Not unless the firewall can firewall itself (Squid). I would not
recommend having the Squid ports open for external access in an firewall
setup, even if protected by Squid acls.
The Squid developers do try to avoid known constructs which can easily
lead to compromise, and any security related bugs are fixed with highest
possible priority once found, but there has to my knowledge not been any
serious security auditing of the Squid code.
Anyone interested in auditing ~70000 lines of C code with close to no
documentation and new code constanly being added, please contact
squid-bugs@ircache.net...
-- Henrik Nordstrom Spare time Squid hackerReceived on Tue Mar 23 1999 - 02:08:00 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:45:22 MST