[squid-users] protect squid.conf file

Yuri Voinov yvoinov at gmail.com
Fri Jul 22 19:53:31 UTC 2016 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 
The simplest way I see is:

- - Write you own custom squid's startup script (with bash/any shell you
want).

- - This script will decrypt squid.conf before any
startup/shutdown/reconfigure operation then encrypt config again.

- - Therefore squid.conf will stored encrypted most time on fs.

That's all, folks. All required components is already available -
openssl, bash, vi, hands.

Yet another way is more complex. Just write C/C++ wrapper to
startup/shutdown/reconfigure squid. With encryption by your choose.

But the best - tadaaaaa! - No.1 solution is: Get away another
superuser's from your server!!! The root must be only one - like hero!


22.07.2016 20:01, --Ahmad-- пишет:
> amos i want to  have like set default directive
>
> say like there is default  one called ——————>   cache_mem
256               for squid
>
> if i didn’t put anything in squid.conf then squid will assume it as 256 M
>
> if i changed it in squid.conf then squid will read it
>
>
> the question again here
>
> how can i add directives to squid  similar to the one above ? ?
>
>
> i want it to be liked default loaded without my action ?
>
>
>
> maybe it needed to be done before compilation process ?
>
> or after ? idk
>
>
>
> thank you
>
>
>> On Jul 22, 2016, at 5:00 PM, Ahmed Alzaeem <n1shutdown at gmail.com
<mailto:n1shutdown at gmail.com>> wrote:
>>
>> amos i want to  have like set default directive
>>
>> say like there is default  one called ——————>   cache_mem
256               for squid
>>
>> if i didn’t put anything in squid.conf then squid will assume it as 256 M
>>
>> if i changed it in squid.conf then squid will read it
>>
>>
>> the question again here
>>
>> how can i add directives to squid  similar to the one above ? ?
>>
>>
>> i want it to be liked default loaded without my action ?
>>
>>
>>
>> maybe it needed to be done before compilation process ?
>>
>> or after ? idk
>>
>>
>>
>> thank you
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBCAAGBQJXknm6AAoJENNXIZxhPexGmLgIAISKhVie+oTxJg9cSrX3eqta
IjWVgvcrKg0V/NfSjryXGa+cN43ONNFdlOoZRGFW9v92qYOuCrWFLUmM4H8vz8mC
ZeEFFDFTW+NT97/psgiCjzOPWkezvyCJSRvMxxMXp6zxhi1r4VvCY3sWFpful3Nv
aQMfvAzBXtn+evTsbaZYhThMoIpuT+xgqR8sERXTyK27Nkvgbqo9Jx1xH7dkbvjj
+WMRed1vP/tXBx2FbldaxpXzcYKJmp02T/lopJKSTA0iMnYkYRswQ4+WFz/4hDhG
If3dv4xekpeQ6Op5LKdGLV+jG03lH2UNWLKZqY97SCHz3yw/D4YoN8+bpghPPCY=
=PfWh
-----END PGP SIGNATURE-----

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160723/0b152697/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x613DEC46.asc
Type: application/pgp-keys
Size: 2437 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160723/0b152697/attachment-0001.key>

More information about the squid-users mailing list