RE: Why should squid not be run as root?

From: <danielrod@dont-contact.us>
Date: Mon, 14 Jun 1999 11:03:24 +0900

Hello John,

Please excuse the basic question, but what do you mean by "locking the
account?" I understand how to make this username not "loginable," but I am
not sure about the former.

As a beginner to Linux/Unix, it is not just the answer that is of interest,
but the implications of Unix design and security, as it relates to my Squid
inquiries.

Thank you,

--Daniel

> -----Original Message-----
> From: John Sloan [mailto:johns@uk.uu.net]
> Sent: Saturday, June 12, 1999 2:45 AM
> To: danielrod@nts.co.jp
> Cc: squid-users@ircache.net
> Subject: RE: Why should squid not be run as root?
>
>
>
> On Fri, 11 Jun 1999 danielrod@nts.co.jp wrote:
>
> > Simon,
> >
> > I have one more question, if you don't mind. Instead of
> using "nobody," I
> > created a user called "squidadmin" and use this to run squid.
> >
> > You said:
> > > In general it is wise to give any process the minimum
> rights necessary for
> > it to do its job.
> >
> > Is there anything that I can/should do to minimize the
> rights associated
> > with "squidadmin?"
> >
> > So far, I did a "newuser squidadmin" followed by a "passwd
> squidadmin," and
> > nothing else.
> >
> > Thanks!
>
> Your squidadmin user doesn't need to be one which you can log
> on as. You
> might want to lock the account as well.
>
> John
>
>
Received on Sun Jun 13 1999 - 19:56:30 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:46:51 MST