17 Nov 2009 @ 1:29 PM 

If varnishd is now started with a -S secret-file argument, user connections are authenticated.

This solves the wide openness of the management access point to varnish. Usual workaround is to simply ssh to a shell on a restricted machine, but if you are running varnish on a system where there is shell access, any user can telnet to the management port and, well, manage varnish (by design).

This solution prevents that situation for hosting providers, and should allow wider deployments on multi-use non-dedicated servers.

http://varnish.projects.linpro.no/wiki/CLI

Posted By: admin
Last Edit: 30 Dec 2009 @ 12:19 AM

EmailPermalink
Tags
Tags:
Categories: Varnish Cache


 

Responses to this post » (None)

 
Post a Comment

You must be logged in to post a comment.


 Last 50 Posts
 Back
Change Theme...
  • Users » 328
  • Posts/Pages » 45
  • Comments » 1
Change Theme...
  • VoidVoid « Default
  • LifeLife
  • EarthEarth
  • WindWind
  • WaterWater
  • FireFire
  • LightLight

Music



    No Child Pages.