varnish security

Chris Hecker checker at d6.com
Mon Jul 12 10:28:28 CEST 2010


It looks like all users can access the log shared memory for varnishd 
(so they can run varnishlog, varnishstat, varnishncsa, etc.).  Is there 
a way to prevent that?  It's not a huge priority for my current setup, 
but I was just surprised.

I noticed there was a thread about the vcl.load interface on 
securityfocus as well:

http://www.securityfocus.com/archive/1/510360

Chris





More information about the varnish-misc mailing list