Yomler wrote:
> What do you feel is the best to run squid into ?
> Run in squi.squid account with no shell, or nobody.nobody ?
squid.squid in a chroot jail.
squid.squid to protect it from other services running as nobody.
chroot to protect the server from Squid.
> I added chroot /chroot/squid option, with no success !
Did you remember to set up the proper directory structure for it?
Everything will be under the chroot, this is cache, log files, pid file.
Everything.
> When does squid do chroot? before/after reading squid.conf?
> when does it open the log file, before, after the chroot ?
Squid chroot's immediately after reading squid.conf, but before opening
the log files or starting any helper processes (dnsserver, pinger,
redirectors, proxy_auth validators or whatever).
-- Henrik Nordstrom Squid hackerReceived on Sun Apr 09 2000 - 11:46:38 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:52:52 MST