Adrian Close writes: >Just wondering - do you know if anyone has done a serious security audit >of the Squid code? While I'm very happy using Squid on a dedicated box, >I've always been a bit leery of running it on an actual firewall. Dunno of one. Code's getting too complex (i.e.: relying on too many underlying layers that can't be trusted) for code reviews to make much difference. The question is -- is there any way to run it under isolation on your system? Haven't played with it enough lately -- but I don't think fwtk's http-gw is free of buffer overruns, either. :( mjr. -- Marcus J. Ranum, CEO, Network Flight Recorder, Inc. work - http://www.nfr.net home - http://www.clark.net/pub/mjr - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
