On Friday 28 January 2005 09:57, Stephen Gran wrote: > On Fri, Jan 28, 2005 at 06:40:32AM -0700, Hal Goldfarb said: > > On Friday 28 January 2005 03:31, Niek wrote: > > > On 1/28/2005 11:25 AM +0100, Hal Goldfarb wrote: > > > > clamdscan uses the clamd daemon to perform scans, and since it runs > > > > as user clamav (or the like), it does not have enough permissions to > > > > scan calling user's directories if they are protected. > > > > > > > > For instance, my .tvtime subdirectory in my home will be scanned by > > > > clamscan, but will generate errors using clamdscan. I understand > > > > why, but isn't this some sort of shortcoming of this design? > > > > > > > > I will use clamscan, not clamdscan, until this can be addressed. > > > > > > Run clamd as a user with enough privileges. > > > > > > Niek > > > > Er, uh, unless Linux has invented some permissions schemes I do not know > > about (which is entirely possible), I think that would be root. And that > > is probably not such a great idea. > > Use group permissions. If your users are in group users (a pretty > common configuration for multi-user systems), then just add clamv to > group users, and make sure AllowSupplementaryGroups is in clamd.conf.
Not a bad idea, except that directories like .tvtime are rw owner only. Thanks, Hal _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
