On Thu, 29 Jan 2004 at 9:28:51 -0500, Jim Maul wrote: > > -----Original Message----- > > Jose R. Ortiz Ubarri wrote: > > > > > # clamdscan readme.zip > > > /root/readme.zip: Can't access the file ERROR > > > > > > And everything I try to scan gives me the same ERROR. > > > > > I suspect clamd is not running as root, and an ordinary user doesn't > > have privileges to read that file. > > > > Thomas > > > > I have this problem as well. Thing is, i start the clamd service while i > am root, but clamd is running as my clamav user. I always thought this > was the correct way to do it. Isnt clamd running as root a bad idea?
Yes, running clamd as root _is_ a bad idea. > my clamav.conf shows: > > # Run as selected user (clamd must be started by root). > # By default it doesn't drop privileges. > User clamav > > It was set this way by default, i made no changes. Is something else > wrong? No, it's OK. It's done on purpose! In most cases ClamAV is used for scanning email. So it's sufficient to run it as a dedicated user which has read access to stream of mail. If you have such a special need to scan all files in the system (these not readable for all as well), then of course clamdscan won't be able to access them. You can use clamscan instead. Or run clamd as root (not recommended). Note that then all files will be accessible for scanning for every user which isn't a good idea. -- Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only [EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros. [EMAIL PROTECTED] http://www.ClamAV.net/ A GPL virus scanner ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
