varnish security

Poul-Henning Kamp phk at phk.freebsd.dk
Mon Jul 12 12:20:29 CEST 2010


In message <4C3AD9F6.8020307 at d6.com>, Chris Hecker writes:

>> I presume you also bothered to read the vendor response ?
>
>Of course.  I was just pointing out the related thread.

Uhm, no, you pointed to the message with the bogo-advisory and
I do not seem to be able to find any ensuing discussion from there ?

>Maybe a wiki page on varnish-cache.org on securing varnish would be 
>useful here.  It could contain the thing about the file permissions 
>above, a short discussion of the CLI, etc.  That would help, and 
>couldn't hurt.

Yeah, our docs need work...

>The Husqvarna analogy is slightly flawed since most people can't run
>yum install husqvarna
>and have one magically appear at their feet, gassed and ready to go.  :)

That argument would be much more convincing, if sites like this
did not exist:

	http://www.baileysonline.com/search.asp?SKW=HVF%20390XP&catID=11443

Poul-Henning

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.


