[squid-dev] Efficient FD annotations

Alex Rousskov rousskov at measurement-factory.com
Tue Jan 7 14:39:20 UTC 2020


On 1/7/20 1:39 AM, Amos Jeffries wrote:
> On 7/01/20 4:28 am, Alex Rousskov wrote:
>> For the record: The ideas below are superseded by the concept of the
>> code context introduced in commit ccfbe8f, including the
>> fde::codeContext field. --Alex

> If you want to go that way (replace fde:note with fde:codeContext)

I would not replace fde::note with fde::codeContext. I would keep
fde::note as a basic indication of the current FD purpose/scope. This
can be done cheaply using string literals or constant SBufs.


> we are going to have to do a security audit on the values displayed
> by the CodeContext objects. That is due to how the fde::note are sent
> over the public network in clear-text transactions for
> mgr:filedescriptors report.

Overall, I doubt such an audit is a good idea -- only the Squid admin
can correctly decide whether it is OK to expose transaction information
in cache manager responses[1,2]. If there is demand for limiting that
exposure, I would rather add a configuration directive that would allow
the admin to control whether Squid is allowed to report context in cache
manager responses, error pages, etc.

Alex.

[1] Some of the transaction context is already exposed in the current
cache manager responses. We may want to add more details or report fewer
details, but there is no paradigm shift here.

[2] In some deployment environments, cache manager responses are
delivered over secure channels.


More information about the squid-dev mailing list