Dennis Peterson wrote: > Chuck Swiger wrote: > >> On May 8, 2008, at 5:43 PM, Dennis Peterson wrote: >> >>>> Can't you do this via something like: >>>> >>>> % ls -1 > /tmp/filelist_to_scan >>>> % xargs clamdscan < /tmp/filelist_to_scan >>>> >>> The clamd user would need to be root for this to always work. That is >>> probably not a good idea when scanning user space. >>> >> If clamd doesn't have permissions to read some of the files you want >> to check, use clamscan as root instead, although any potential >> security risk from a maliciously crafted input file would likely >> affect clamscan in such circumstances as well. >> >> Add salt and season to taste. >> >> > > If permissions on home dirs or (dev dirs) are set correctly clamd would > be locked out of all of them. But there's no reason to assume that would > be the case in the OP's world. If it is the case he could always pipe > files as root to the clamd socket. There's a clamd-stream client on > sourceforge from a couple years ago that may do the trick.
clamdscan can do the streaming (although you can't scan anything larger than StreamMaxLength): $ clamdscan - <filetoscan Best regards, --Edwin _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html