diladele
Change user account of squidsrv service
Currently, the squidsrv service runs under the account NT AUTHORITY\LocalSystem. As this is the system account with highest administrative privilages, this is a huge security issue - consider a security flaw in the proxy implementation, if an attacker is able to perform remote code execution, they gain control of the entire system.
It would be better to run the service under an account with least privileges. I would suggest using a dedicated virtual account for this purpose, such as NT Service\squidsrv. This could be realised by using the Account property of the ServiceInstall element in the installer. Note that the permissions of the /dev and /var folders have to be changed accordingly as well. (I have noticed that log files and the PID file have broken security descriptors when created through the service / cygwin itself, so they might have to be created and configured beforehand)
