> ons 2009-02-11 klockan 14:56 +1300 skrev Amos Jeffries: > >> WHY: >> * it's a security breach. > > Why?
Overriding the underlying OS, which admin may understand, with behavior they may not. Can cause them to enact less secure workarounds; I have seen squid effective-user'd to the root UID not long ago. > >> * it's the source of many permissions annoyances. > > Yes. > >> * the setting is still widely recommended in online how-to's > > Yes, and often for the wrong reasons. > >> * current Squid-3+ are perfectly capable of pulling correct user/group >> pairs from the OS or being built with a distro preferred user other than >> 'none'. > > Yes. > >> HISTORY: >> If I recall correctly, the only holdback we had last time this was >> discussed was that certain setups and winbind needed it to work. > > Not sure. > >> That has since changed with the information about the winbind priv group >> being available to Squid. > > ? > >> DESIRED OUTCOME: >> I'd like to obsolete it in 3.2 unless there is another compelling >> reason to keep it? > > I don't see why it should be dropped. > >> Failing that, I'd like to come up with a setup of parameters we can >> detect and severely restrict its usage. Makign noisy log and startup >> warnings when abused. > > How is this directive abused? You answered that yourself with: online how-to's recommending it for the wrong reasons. Those distro's which still patch it to a fixed value in their packages (this at least is fixable since --with-default-user). > > If you set it to something then you don't get the benefit of multiple > group membership of the user account. > > > A +/- 0 from me. > > Regards > Henrik > >