Re: [squid-users] squid as HTTP accelerator : Three questions from Adrian Chadd on 2008-02-06 (squid-users)

From: Adrian Chadd <adrian@dont-contact.us>
Date: Wed, 6 Feb 2008 21:05:07 +0900

Squid starts as root and then becomes another user.
It shouldn't pose a security risk - the amount of code running as root
is very, very minimal.

adrian

On Wed, Feb 06, 2008, kk CHN wrote:
> Hi People ;
>
> Thanks for your reply , thanks to Adrain Chadds tips .
> I edited the init script & changed the squid user to root , now its
> working for port 80 ,
>
> I would like to clarify the following Three questions
>
> Question 1 ) Is there any security issues for running squid as root ?
>
>
>
> I am setting up my squid as http accelerator , so squid will handle
> the request first , then handed over it to Apache (which is now Listen
> on 81) then from Apache to my zope(which is on port :8080)
>
>
> so what I added in squid is
>
> http_prot 80 accel vhost
>
> cache_peer 127.0.0.1 parent 81 0 originserver default
> http_access allow from all
> ##############
>
> my apache Listen on 81
> and the vhost entry for my site is like this
>
> NameVirtualHost *:81
> <VirtualHost *:81>
> RewriteEngine On
> RewriteRule ^/(.*)
> http://127.0.0.1:8080/VirtualHostBase/http/demo.mysite.net:81/mysite/VirtualHostRoot/$1
> [L,P]
> ErrorLog /var/log/apache/demo.mysite.net/error_log
> CustomLog /var/log/apache/demo.mysite.net/access.log combined
> </VirtualHost>
>
>
> Previously This site was too slow when I use apache infront of zope
> , so all request is coming to apche then apache Rewrite rule will hand
> over the request to zope:8080
>
> Now in the new setup squid is infront ,
>
> question 2 ) how can I check to make sure the squid is handling all
> the request first , and so its performance as an http accelerator ?
>
> question 3) I have a number of VirtualHost (name based) entries in my
> apache , so running the sqid in front on port :80 , did accelerate
> the speed of my vhost sites ?
>
>
>
> Looking for your valuable comments on this setup ,
>
> I am looking for the pros/cons of this setup squid-->apache--> applications
>
> Thanks in advance for your valuable feedback as early as possible
> KK

-- 
- Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support -
- $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -

Received on Wed Feb 06 2008 - 04:53:22 MST

This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:04 MST