On Friday 18 July 2003 00.52, Adam Aube wrote: > where some path is writeable by you. Note that you > won't be able to bind Squid to a port lower than 1024, > and you may encounter problems elsewhere. I've never > tried this, so I can't guarantee the overall plan > will work.
Not running Squid as root is generally recommenteded and will work just fine. If Squid is run as root then chroot_dir should also be used to take advantage of the possibility of increased security. The use of chroot_dir is basically the only valid motivation why Squid should be started as root and secures Squid beyond what starting Squid as a non-privileged user can do. (note however that the ability to use "squid -k reconfigure" is lost in chroot_dir setups.. security comes at a price) Binding Squid to low ports is not a good reason why to have to start Squid as root. There is no good reason why a proxy should need to run on a low port, or why it should not be allowed to when started as a non-root user on a dedicated proxy server. Regards Henrik -- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org If you need commercial Squid support or cost effective Squid or firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, [EMAIL PROTECTED]
