RE: Why should squid not be run as root?

Simon,

I have one more question, if you don't mind. Instead of using "nobody," I
created a user called "squidadmin" and use this to run squid.

You said:
> In general it is wise to give any process the minimum rights necessary for
it to do its job.

Is there anything that I can/should do to minimize the rights associated
with "squidadmin?"

So far, I did a "newuser squidadmin" followed by a "passwd squidadmin," and
nothing else.

Thanks!

--Daniel

> Daniel,
>
> It is generally possible to exploit software bugs (notably buffer
> overflows) in such a way that a command is invoked by the
> parent process.
> It is conceivable that a suitably constructed URL could cause
> Squid to run
> a shell command for instance. While Squid is undoubtedly well
> written, the
> source code is freely available so a determined hacker could
> find any bugs
> that may exist. If Squid were running as root then the shell
> command would
> also run as root, giving a hacker extensive access to the server. By
> running Squid as a user with few rights (usually nobody)
> prevents any real
> damage being done if Squid itself is compromised. In general
> it is wise to
> give any process the minimum rights necessary for it to do its job.
>
> Cheers,
> Simon.
>
> At 16:50 11/06/99 +0900, you wrote:
> >This is a very basic security question, I suppose.
> >
> >Can anyone tell me why squid should be run as another user
> and not root?
> >
> >I created a new user and group called squidadmin, only because the
> >documentation recommended that I do so.
> >
> >What are the security implications in doing this?
> >
> >Thank you very much!
>
>
> --------------------------------------------------------------
> -----------
> Simon Rainey Direct Line:
> 01235 823238
> Principal Internet Consultant Fax:
> 01235 823424
> RM Internet for Learning E-mail:
> srainey@rmplc.net
> New Mill House, 183 Milton Park, Abingdon, Oxfordshire, OX14
> 4SE, England
>
Received on Fri Jun 11 1999 - 04:39:01 MDT