Jim Maul said: > Dennis Peterson wrote: >> >> That would be a good trick if the directory it is found in is owned ro >> by >> root. I suppose it could be created by root then chowned to clam_user, >> but >> that too presumes much. To make it entirely turnkey the process should >> see >> if the user-selected log directory is readable by clam_user first, then >> it >> should see if the file already exists (or if a directory of the same >> name >> exists), and if it is writable by clam_user. If everything isn't perfect >> it could fail with a warning to the console. Now what to do about your >> log >> rotator? How should clam predict a misconfigured rotator? That seems >> like >> a lot of hand holding. >> >> Call me old fashioned, but this is something I like to deal with myself. >> There's still a roll for the thinking admin. >> >> > > No, dont get me wrong here, im not saying clamav should "predict" > anything. Nor should it have to deal with misconfigured software. This > is of course left up to the admin. However, it seems that it *creates* > the logfile owned by root. And that..well..just isnt right.
Maybe I should have said "doughnut" :-) I meant role. I use syslog for the log files here because I want them available to a common remote logger server for processing. Ownership is not a problem, and it's one less issue the deal with. My underlying point is that a take-charge admin would have no problem dealing with this "bug". dp _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
