varnish security

[Chris Hecker]

It looks like all users can access the log shared memory for varnishd 
(so they can run varnishlog, varnishstat, varnishncsa, etc.).  Is there 
a way to prevent that?  It's not a huge priority for my current setup, 
but I was just surprised.

I noticed there was a thread about the vcl.load interface on 
securityfocus as well:

http://www.securityfocus.com/archive/1/510360

Chris