Stephen Gran wrote:
On Mon, Jan 15, 2007 at 05:41:52PM -0800, Dennis Peterson said:
It required a visit to the Makefile to see where the user was being
defined and you're right. I did not know this about clamscan and don't
yet understand the rationale, but it does have an impact on systems
where clamscan is intended to be used but not clamd nor clamdscan -
stand alone systems, in other words. I'll have to tweek my Cfengine
configs some.
Does anyone know what this code is supposed to protect?
My impression is that it is for unpacking archives and following
symlinks and so forth - it deliberately drops privileges before doing
so, so that sensitive files aren't tampered with, Maybe one of the dev
team can shed more light on the subject, but that's what a quick glance
through the code suggests.
Of course - and perfectly sensible. I had no need to scan any archives
so didn't make the association. This information allows a workaround
without hacking the code. Thanks, Stephen.
dp
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
