Re: [SQU] Hiding the name and version of squid in the error message

From: Joe Erlewein <IS_JRERL@dont-contact.us>
Date: Mon, 05 Mar 2001 13:21:05 -0500

Hello,
In the professional environment I intend to implement this cache solution, this is very unacceptable.
Linux has been a long-outlawed OS here, and with this recent opportunity to use something like it,
my objective is to make it as bulletproof as possible. In order to do this, I need to be sure that the system CANNOT be identified to outside (or inside) users/hacks.

Thus, the proposed hiding of the cache name / version appears good, but anyone can click "view source" and have a field day.

Is there a way to reassign the value reported by %s, or is there a way (possibly recompiling?) to disable the addition of %s if it is undefined? i.e., stop the default signature from being added.

I'd hate to leave an open invitation to the possibility of compromise, and am actually considering scrapping squid altogether for something commercial based on this one fatal flaw.

I'm hoping for a workaround, as personally I'd rather use Linux/Squid, but professionally I'm simply not willing to take the risk...

Joseph R. Erlewein, N8OUZ
Intern, Networking
Munson Healthcare

>>> Henrik Nordstrom <hno@hem.passagen.se> 2/14/2001 3:55:20 PM >>>
You cannot completely hide it, but you can put it inside a HTML comment
making it less obvious to the user..

Example custom signature: (add it to the end of each error page)

<br clear="all">
<hr noshade size=1>
Generated %T
<!-- %h (%s) -->

Unless the error page includes "%s" (Squid name and version) the default
signature will be added.

Note: If you prefer to have the datestamps using your local timezone,
then use %t instead of %T above.

--
Henrik Nordstrom
Squid hacker

Kareem Mahgoub wrote:
> 
> Hi all
> I would like to know if there is a way to hide the version and the name of
> squid, on all error messages.
> I have checked in the FAQ and I found how to change all the parameters but
> not the name and the version that appears in the last line of the error
> message.
> Any help would be appreciated.
> Regards,
> Kareem Mahgoub
> 
> --
> To unsubscribe, see http://www.squid-cache.org/mailing-lists.html 
Received on Mon Mar 05 2001 - 11:26:20 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:31 MST
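
The rule described in the quoted reply (a template with no "%s" gets the default signature appended; "%s" inside an HTML comment is not rendered but remains in the page source) can be checked across a set of error templates. This is an added example, not part of the original thread or of Squid; the template names and sample bodies are constructed, and the directory argument is a hypothetical path supplied by the operator.

```python
import re
import sys
from pathlib import Path

COMMENT = re.compile(r"<!--.*?-->", re.DOTALL)
VERSION_TOKEN = "%s"  # "Squid name and version", per the thread


def classify(template: str) -> str:
    """Classify one error-page template by how it exposes the version token."""
    if VERSION_TOKEN not in template:
        # Per the thread: without %s, the default signature is added.
        return "default-signature"
    if VERSION_TOKEN in COMMENT.sub("", template):
        # Token appears outside any complete HTML comment: shown to the user.
        return "rendered"
    # Token only inside comments: not rendered, still present in page source.
    return "comment-only"


def audit(templates: dict) -> dict:
    """Map template name -> classification, in sorted name order."""
    return {name: classify(body) for name, body in sorted(templates.items())}


# Constructed sample templates (names and bodies are illustrative only).
SAMPLES = {
    "ERR_STOCK": "<h1>ERROR</h1>\n<p>The requested URL could not be retrieved</p>\n",
    "ERR_VISIBLE": "<h1>ERROR</h1>\n<hr>\nGenerated %T by %h (%s)\n",
    "ERR_COMMENTED": '<h1>ERROR</h1>\n<br clear="all">\n<hr noshade size=1>\n'
                     "Generated %T\n<!-- %h (%s) -->\n",
}


def main(argv):
    if len(argv) > 1:  # hypothetical path to the error template directory
        templates = {p.name: p.read_text(errors="replace")
                     for p in Path(argv[1]).iterdir() if p.is_file()}
    else:
        templates = SAMPLES
    for name, status in audit(templates).items():
        print(f"{status:18} {name}")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

An unterminated comment is treated as not hiding the token, so such a template is reported as "rendered" rather than silently passed.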