cvs commit: doc/en_US.ISO8859-1/books/porters-handbook book.sgml
Richard Coleman
richardcoleman at mindspring.com
Tue Feb 24 20:43:38 PST 2004
Kris Kennaway wrote:
> On Mon, Feb 23, 2004 at 01:07:02PM -0800, Christian Brueffer wrote:
>
>>brueffer 2004/02/23 13:07:02 PST
>>
>> FreeBSD doc repository
>>
>> Modified files:
>> en_US.ISO8859-1/books/porters-handbook book.sgml
>> Log:
>> o Don't claim that all UIDs listed are below 999
>> o Add squid's UID (3128)
>
>
> The upper bound of 999 is so that system administrators can assign
> higher uids to their users without running into collisions with ports.
> IMO squid must be fixed to stay within the ports namespace - yes, it's
> too bad it can't have its magic number of 3128 as a uid, but this will
> cause problems for installed systems.
>
> Kris
More importantly, it has (possible) security implications. For
instance, the default settings for "suexec" with Apache are such that it
will not execute any CGI script as a uid below 1000, since it is assume
those are reserved for "system" processes.
Most shops that need suexec can easily fix such things. But you get the
idea.
Richard Coleman
richardcoleman at mindspring.com
More information about the cvs-doc
mailing list