Allmatch will not work with clamd fd passing either. Please open a buzilla request for allmatch when using fd passing or instream. bugzilla.clamav.net.
Thanks, Steve On Wed, Feb 3, 2016 at 12:09 PM, Torge Husfeldt <torge.husfe...@1und1.de> wrote: > Hi, > > what about passing an (alredy open) filehandle through the clamd-socket? > Currently we're facing the tradeoff between giving the clamd-process > more permissons or running multiple instances of the scanning-engine > (clamd + clamscan) and parsing the output of clamscan with "tainted" > filenames. > > Thanks > > Am 01.02.2016 um 21:54 schrieb Steven Morgan: > > Bernhard, > > > > Clamd does not currently support ALLMATCH mode with the INSTREAM > protocol. > > The only other suggestion I can offer is to preserve those files found to > > contain viruses and research them separately using ALLMATCH. > > > > Steve > > > > On Mon, Feb 1, 2016 at 5:27 AM, Bernhard Vogel <bernhard.vo...@1und1.de> > > wrote: > > > >> Hi, > >> > >> is there an option in clamd to combine INSTREAM and ALLMATCHSCAN? > >> > >> We scan files which have already been locked (permission: 200 or > similar) > >> by another process/shellscript. Clamd runs with user "clamav" > priviledges. > >> At the moment we stream the content of the locked files to CLAMD with > the > >> INSTREAM option. > >> > >> Since I also require to do an allmatchscan to review our malware > >> signatures, I need to combine INSTREAM and ALLMATCHSCAN. > >> > >> How can I ALLMATCHSCAN files only accesible by root, without doing > >> something like "sudo clamscan -z ...." > >> > >> > >> > >> > >> Regards, > >> Bernhard > >> _______________________________________________ > >> Help us build a comprehensive ClamAV guide: > >> https://github.com/vrtadmin/clamav-faq > >> > >> http://www.clamav.net/contact.html#ml > >> > > _______________________________________________ > > Help us build a comprehensive ClamAV guide: > > https://github.com/vrtadmin/clamav-faq > > > > http://www.clamav.net/contact.html#ml > > > > -- > Torge Husfeldt > > Senior Anti-Abuse Engineer > Hosting Security > > 1&1 Internet Service GmbH | Brauerstraße 50 | 76135 Karlsruhe | Germany > Phone: +49 721 91374-4795 > E-Mail: torge.husfe...@1und1.de | Web: www.1und1.de > > Hauptsitz Montabaur, Amtsgericht Montabaur, HRB 20141 > > Geschäftsführer: Christian Bigatà Joseph, Hans-Henning Kettler, Uwe Lamnek > > > Member of United Internet > > Diese E-Mail kann vertrauliche und/oder gesetzlich geschützte > Informationen enthalten. Wenn Sie nicht der bestimmungsgemäße Adressat > sind oder diese E-Mail irrtümlich erhalten haben, unterrichten Sie bitte > den Absender und vernichten Sie diese E-Mail. Anderen als dem > bestimmungsgemäßen Adressaten ist untersagt, diese E-Mail zu speichern, > weiterzuleiten oder ihren Inhalt auf welche Weise auch immer zu verwenden. > > This e-mail may contain confidential and/or privileged information. If > you are not the intended recipient of this e-mail, you are hereby > notified that saving, distribution or use of the content of this e-mail > in any way is prohibited. If you have received this e-mail in error, > please notify the sender and delete the e-mail. > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml