Here is a workaround to the FTP PUT related denial of service issue
recently found in Squid.
Put this before the first "http_access allow" line in your squid.conf:
acl FTP protocol ftp
acl PUT method PUT
http_access deny FTP PUT
This will deny any attempts in uploading FTP objects via Squid.
Or alternatively, if you need to allow your users to upload FTP objects
you can try the following
acl FTP protocol ftp
acl PUT method PUT
acl directory url_regex /$ /; /?
http_access deny FTP PUT directory
but it is quite likely this does not cover all possible cases, so if you
need to allow FTP PUT and have malicious users you better patch your
Squid for the problem, or get the current Squid-2.4 nighly snapshot from
http://www.squid-cache.org/Versions/v2/2.4/ (the snapshot also contains
a couple of other minor bugfixes not yet mentioned on the bugs page)
-- Henrik Nordstrom Squid HackerReceived on Wed Sep 19 2001 - 01:05:38 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:16 MST