On Tue, 22 Feb 2005 18:45:12 -0500
Bob <[EMAIL PROTECTED]> wrote:
> John Peacock wrote:
> > Hanno Hecker wrote:
> >- add a 'chmod 0640, $filename;' in plugins/virus/clamav
> > before executing clamdscan.
>
>
> Hmmm, allowing another app to tread in our private space... ;-)
> > I suppose we could allow a slightly wider umask for existing spool
> > directories, but the behavior in the default case (creation) should
> > always be minimal.
> I'm not sure changing permissions is what's needed.
> spamd would seem to be in the same situation, why
> is clamd different, or the client side caller clamdscan
> different?
Clamdscan just tells clamd "check the file /foo/bar/baz on disk and tell
me if it's a virus". You need read access to the file for the clamd
user. If clamd would be running as the smtpd user you also have write
access to the spool by some other application.
Clamscan (the non daemon version) checks the file as the executing user,
but that's much slower than telling the daemon to check a file on disk.
Spamc and the spamassassin plugin feed the full message to spamd through
the socket and wait for the status.
Hanno
