Re: Permission denied creating directories with squid -z

From: Clifton Royston <cliftonr@dont-contact.us>
Date: Fri, 5 Nov 1999 11:42:35 -1000

On Fri, Nov 05, 1999 at 09:12:17PM +0200, Ertan Kucukoglu wrote:
> > chown your cache dir to nobody.nogroup then rerun 'squid -z'. That will
> > solve your problem I suppose.
> >
> > Regards,
> >
> > --
> > Ertan Kucukoglu
> > ertank@ozlerplastik.com
>
> Ooopps, sorry, I missed last part of your message. You also supposed to
> chmod your 'log' dir.

  I just wanted to point out here that since it's common to use
"nobody" and "nogroup" for various other unprivileged processes
(sometimes including CGI scripts) this could have the side effect of
giving other processes or users access to your cache and log's
contents, or in the worst case, possibly giving the outside world
access to them.

  It's probably better to create a "squid" user and group, which takes
only a couple minutes more and could save many headaches later.
    -- Clifton

-- 
 Clifton Royston  --  LavaNet Systems Architect --  cliftonr@lava.net
        "An absolute monarch would be absolutely wise and good.  
           But no man is strong enough to have no interest.  
             Therefore the best king would be Pure Chance.  
              It is Pure Chance that rules the Universe; 
          therefore, and only therefore, life is good." - AC
Received on Fri Nov 05 1999 - 14:51:54 MST

This archive was generated by hypermail pre-2.1.9 : Wed Apr 09 2008 - 11:57:32 MDT