Hello!
A few days ago, I installed tinyproxy port from the package (pkg install).
I see that tinyproxy [still] has two problems that had been reported and
discussed in various venues, including at least one FreeBSD bug report.
Unfortunately, nothing has been done with that for a long time.
1. Problem #1: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207051
- see the initial description by Jason Mann there:
Daemon is listening on ipv6 only.
2. Problem #2: https://github.com/tinyproxy/tinyproxy/issues/24
Daemon is unable to create the .pid file in /var/run due to dropped
privelege.
A possible solution: create /var/run/tinyproxy owned by nobody:nobody
and change the pid file to /var/run/tinyproxy/tinyproxy.pid
There is some resistance from @obnoxxx, but I suspect (and hope) it is
from the misunderstanding.
There is a more detailed explanation of what could be done (see the
recent post by St-Ranger there).
And an optional change, but useful (IMHO) from the security point of view:
3. Replace the user/group "nobody" used by the daemon to the dedicated
"tinyproxy:tinyproxy". This would separate this server from any other, -
in the way that is done with several other ports on FreeBSD.
Best regards,
Igor
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[email protected]"
