On tor, 2007-11-01 at 14:09 -0500, Cryer,Phil wrote: > During a review on squid, we found the following setuid-binary set to > run as root > E: squid setuid-binary /usr/lib64/squid/ncsa_auth root 04750 > E: squid setuid-binary /usr/lib64/squid/pam_auth root 04750 No idea why ncsa_auth is installed suid in your setup. It does not need to, and should not.. If using a binary Squid distribution please report this to your distributor. pam_auth however need to be suid to work properly on systems having shadow password database. But you only need this if you are using pam_auth. Regards Henrik
Attachment:
signature.asc
Description: This is a digitally signed message part