Bug 3157 - default ICP setup insecure?
Summary: default ICP setup insecure?
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: squid (show other bugs)
Version: unstable
Hardware: all Linux
: P5 minor
Assignee: Denis Ovsienko
QA Contact: qa-sisyphus
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-10-13 23:27 MSD by Michael Shigorin
Modified: 2005-05-23 14:52 MSD (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Shigorin 2003-10-13 23:27:01 MSD 
Я могу ошибаться, но почему в /etc/squid/squid.conf из коробки наблюдается:

#  TAG: icp_access
#       Allowing or Denying access to the ICP port based on defined
#       access lists
#       icp_access  allow|deny [!]aclname ...
#       See http_access for details
#Default:
# icp_access deny all

и при этом у нас он по умолчанию включен:

Steps to Reproduce:
(исходя из отсутствия сквида)
sudo apt-get install squid
sudo grep ^icp_access /etc/squid/squid.conf
Actual Results:  
icp_access allow all

Expected Results:  
icp_access deny all
Comment 1 Denis Ovsienko 2005-05-18 14:20:04 MSD 
посмотрим
Comment 2 Denis Ovsienko 2005-05-18 19:17:37 MSD 
Наверное, уже неактуально.

# grep icp_access /etc/squid/squid.conf
#  TAG: icp_access
#       icp_access  allow|deny [!]aclname ...
# icp_access deny all
#icp_access allow all