5359105907
- Malicious users may spoof DNS lookups if the DNS client UDP port (random, assigned by OS at startup) is unfiltered and your network is not protected from IP spoofing. - CVE-1999-0710, adds access controls to the cachemgr.cgi script, preventing it from being abused to reach other servers than allowed in a local configuration file.
22 lines
582 B
Plaintext
22 lines
582 B
Plaintext
$OpenBSD: patch-src_cf_data_pre,v 1.17 2005/05/25 02:27:13 brad Exp $
|
|
--- src/cf.data.pre.orig Tue May 10 19:08:40 2005
|
|
+++ src/cf.data.pre Wed May 18 18:10:13 2005
|
|
@@ -2446,7 +2446,7 @@ DOC_END
|
|
|
|
NAME: cache_effective_user
|
|
TYPE: string
|
|
-DEFAULT: nobody
|
|
+DEFAULT: _squid
|
|
LOC: Config.effectiveUser
|
|
DOC_START
|
|
If you start Squid as root, it will change its effective/real
|
|
@@ -2461,7 +2461,7 @@ DOC_END
|
|
|
|
NAME: cache_effective_group
|
|
TYPE: string
|
|
-DEFAULT: none
|
|
+DEFAULT: _squid
|
|
LOC: Config.effectiveGroup
|
|
DOC_START
|
|
If you want Squid to run with a specific GID regardless of
|