On Wed, Jan 06, 1999 at 11:24:46PM +0100, Herwig Wittmann wrote:
> Hello people, [1]
>
> Are there any real bad things (tm) users authorized to use a squid cache
> could do if I would replace the default Safe_ports acl with
> something like "acl Safe_ports 1-65535"?
>
> --- snip - squid.conf ---
> acl Safe_ports port 80 21 443 563 70 210 1025-65535
> http_access deny !Safe_ports
> --- snap ---
Well.. they could use your Squid as a telnet gateway, irc bouncer, and just
about anything else that works over TCP.
Greetz, Peter.
--
<squeezer> AND I AM GONNA KILL MIKE | Peter van Dijk
<squeezer> hardbeat, als je nog nuchter bent: | [EMAIL PROTECTED]
<squeezer> @date = localtime(time); | realtime security d00d
<squeezer> $date[5] += 2000 if ($date[5] < 37); |
<squeezer> $date[5] += 1900 if ($date[5] < 99); | -x- available -x-
