Bug 24981
Summary: | should enable more features in squid build | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Frank Ch. Eigler <fche> |
Component: | squid | Assignee: | Bill Nottingham <notting> |
Status: | CLOSED WONTFIX | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.0 | CC: | rvokal |
Target Milestone: | --- | Keywords: | FutureFeature |
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Enhancement | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2001-12-07 19:35:41 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Frank Ch. Eigler
2001-01-25 22:37:52 UTC
ICMP requires a setuid binary installed, which is why we've never installed it in the past. SNMP & delay pools have been enabled for a while. Some of the others will be enabled in 2.4.STABLE1-1. Testing the new squid-2.4.STABLE1-1 RPM, I see that the --enable-cache-digest option is still off. Can at least that be turned on? I appreciate the hypothetical security concerns with --enable-icmp, but FWIW, I'm using it anyway. Maybe the setuid pinger program could be built, but packaged into a separate RPM. Can we have a ruling about the security non-risk options such as --enable-cache-digests? Basically, it can cause sudden large bandwidth uses (when transferring the digests) on slow links, so it's not a great config option for the one-package-fits-all approach. On slow links, digests can be turned off at run time, or update frequencies turned down. Even there, they should be an advantage as it drastically reduces the amount of upstream cache polling, reducing traffic and latency. Keeping the option out of the build means that people who do want it have to recompile, not merely reconfigure. As a compromise, please consider enabling cache-digests in the build, but turning them off in the default configuration file. |