I can see that this would be a security risk in the real world, but because
we have a highly secure network between our servers we do not see this as a
risk to us.
Anyhow, to try and get a fix for this problem, (without joining the squid
developer group and adding it myself) can squid be setup that when it
receives a username/password, check this with another proxy server to see if
it is correct like a remote password server which we also use here?
> Definitely no. Because one one things this would certainly
> be a security breach in that SQUID would have to know and store
> the passwords of users somewhere that alone to give it to a remote 'partner'.
>
> Rest assure this is >not< possible.
>
> Note that in my original suggestion you will also need :
>
> never_direct allow all
>
> in squid.conf. Since the outsite parent probably is the only one
> with Internet access.
>
> Marc.
-- James Collins Technical Officer Cairns School of Distance Education Ph. 07 4050 8203 Fx. 07 4051 0336 Mob. 0402 866 972Received on Sun May 23 2004 - 19:23:54 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Jun 01 2004 - 12:00:02 MDT