Opps, I realized this was sent to the wrong list. Sorry. On Sat, Oct 11, 2008 at 11:29 AM, Some One <[EMAIL PROTECTED]> wrote:
> Hey ClamAV, > > Isn't this considered bad? > > I have the Clam Antivirus Daemon running in a chroot jail as the user > "_clamav". My clamd.conf files is > " > TemporaryDirectory /tmp/ > DatabaseDirectory /ClamAV/virusdb/ > TCPSocket 3310 > TCPAddr 127.0.0.1 > DetectPUA yes > " > > I noticed when using this command in terminal "echo SHUTDOWN | nc localhost > 3310" would kill the daemon. I was not root at the time of sending the > command and the daemon still quits. Isn't this bad? This means that any user > who knows the port number ClamAV Daemon is running on could issue the > "SHUTDOWN" command and kill the process. > > Shouldn't there be a config option or when compiling clamav, telling Clamd > to ignore the shutdown command? I'm not an expert but this seems like a > security risk. > _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
