Hello Colin Campbell,
Thursday, January 10, 2002, 2:44:46 AM, you wrote:
CC> o When started, the config file is read as root. It has to be since it
CC> doesn't yet know the uiser and group to run as. That obviously works.
CC> o After determining the user and group for running, squid does a setuid()
CC> [or whatever] and setgid() [or whatever].
CC> o setgid() [or whatever] does not pick up the other groups the user squid
CC> "belongs" to, since that's a feature of login/su/.... I suspect it
CC> probably even keeps the groups that root belogs to. If not it probably
CC> drops root's other groups altogether.
i was thinking about it and had the same thoughts.
CC> Consequently, when squid is running, it needs access as user squid, group
CC> squid.
but again - what can i do to suppress that messages and have
squid.conf owned by root.squidadm ? it can work fine with the current
settings(squid.squid) and secutiry seem to be ok, but it was said
in "squid users guide" to set up that permissions and i believed it =)
--- with best regards, Alexander Galitski(triton-sec@gidro-service.ru) Gidro-Service, http://www.gidro-service.ru/ phone: 8(095)105-7567Received on Thu Jan 10 2002 - 04:08:17 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:48 MST