Re: cachemgr.cgi & security???

From: Marc Delisle <delislma@dont-contact.us>
Date: Mon, 28 Oct 1996 15:29:51 -0800

Peter Olsson wrote:
>
> Hello and thanks for your answers!
>
> My question was:
> >> I just realised something. Even if I put access control on my own
> >> cachemgr.cgi so that only I can use it, people outside of us can
> >> use their own cachemgr.cgi and access information about my Squid-server
> >> by giving my servers FQDN and port.
(...)

> I don't understand these answers. When I read the cachemgr.cgi-part of the
> FAQ, I thought it said that in squid.conf I allow the squid-server to be
> queried by cachemgr.cgi. Not just my cachemgr.cgi but ANY cachemgr.cgi.
>
> Where did I get it wrong?

If I want to access your cachemgr, I will have to go first thru your Web
server (probably port 80), not your
Squid server. So, whatever Web server you use, configure it to restrict
access
to the cgi-bin/cachemgr program.

-- 
Marc Delisle              
DelislMa@CollegeSherbrooke.qc.ca                    
Service Informatique,                              
Collège de Sherbrooke      
Québec.  819/564-6223
Received on Mon Oct 28 1996 - 12:42:47 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:33:23 MST