Search squid archive

Re: Host header forgery policy in service provider environment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 6/01/2016 10:10 p.m., Garri Djavadyan wrote:
>> On 2015-12-31 00:01, Garri Djavadyan wrote:
>>> Hello Squid members and developers!
>>>
>>> First of all, I wish you a Happy New Year 2016!
>>>
>>> The current Host header forgery policy effectively prevents a cache
>>> poisoning. But also, I noticed, it deletes verified earlier cached
>>> object. Is it possible to implement more careful algorithm as an
>>> option? For example, if Squid will not delete earlier successfully
>>> verified and valid cached object and serve forged request from the
>>> cache if would be more effective and in same time secure behavior.
>>
>>
>> This seems to be describing 
>> <http://bugs.squid-cache.org/show_bug.cgi?id=3940>
>>
>> So far we don't have a solution. Patches very welcome.
>>
>> Amos
> 
> Amos, can recheck the bug report? I found the root cause of the problem
> and presented possible prototype solution, which solves the problem in
> my environment. Thank you in advance!


Got the bug update notice. The double-check may take a while to track
down all the side effects. Thank you very much in advance anyhow. :-)

Amos

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux