David wrote:
> Amos Jeffries writes:
>
>> Yes, don't run the -k operations as a non-privileged user. Run it as the
>> same user as the master squid instance (root in this case).
>>
>> Amos
>
> I have a cron job setup that login as squid to run the -k rotate.
> It is best not to login as root. Is there any way around that?
>
Run the cron job on the squid machine directly in the root crontab. Or
permit that command with root privileges via sudo in an otherwise
restricted account.
Sending the signals which -k sends (HUP, QUIT and KILL in particular)
from a low-privileged account to a root account process is less secure
than requiring login to send the signal.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.4Received on Tue Jun 08 2010 - 10:39:19 MDT
This archive was generated by hypermail 2.2.0 : Tue Jun 08 2010 - 12:00:05 MDT