On Tue, May 17, 2005 at 07:03:10AM -0700, Dennis Peterson said: > That would be a good trick if the directory it is found in is owned ro by > root. I suppose it could be created by root then chowned to clam_user, but > that too presumes much. To make it entirely turnkey the process should see > if the user-selected log directory is readable by clam_user first, then it > should see if the file already exists (or if a directory of the same name > exists), and if it is writable by clam_user. If everything isn't perfect > it could fail with a warning to the console. Now what to do about your log > rotator? How should clam predict a misconfigured rotator? That seems like > a lot of hand holding.
On Tue, May 17, 2005 at 07:04:56AM -0700, Dennis Peterson said: > I think it would be better if clamd, like syslogd, didn't create the file > at all. End of problem. So you want either all possible checks, or no seperable logging? That does seem like a rather drastic set of solutions to a trivial to fix bug. Moving about 10 lines of code will fix the bug under discussion, and the rest is the job of the packager/local admin. I have to say I have never noticed this bug up until now, because the install scripts and logrotate scripts I use handle permissions in a way that allows it to work (pats self on back, and wrenches arm doing so). 5 minutes looking at the code could have avoided several hundred lines of email, methinks. -- -------------------------------------------------------------------------- | Stephen Gran | A holding company is a thing where you | | [EMAIL PROTECTED] | hand an accomplice the goods while the | | http://www.lobefin.net/~steve | policeman searches you. | --------------------------------------------------------------------------
pgpkqGmT5G7ze.pgp
Description: PGP signature
_______________________________________________ http://lurker.clamav.net/list/clamav-users.html
