On Sat, Oct 11, 2008 at 11:31 AM, Some One <[EMAIL PROTECTED]> wrote:
> Opps, I realized this was sent to the wrong list. > Sorry. > > > On Sat, Oct 11, 2008 at 11:29 AM, Some One <[EMAIL PROTECTED]>wrote: > >> Hey ClamAV, >> >> Isn't this considered bad? >> >> I have the Clam Antivirus Daemon running in a chroot jail as the user >> "_clamav". My clamd.conf files is >> " >> TemporaryDirectory /tmp/ >> DatabaseDirectory /ClamAV/virusdb/ >> TCPSocket 3310 >> TCPAddr 127.0.0.1 >> DetectPUA yes >> " >> >> I noticed when using this command in terminal "echo SHUTDOWN | nc >> localhost 3310" would kill the daemon. I was not root at the time of sending >> the command and the daemon still quits. Isn't this bad? This means that any >> user who knows the port number ClamAV Daemon is running on could issue the >> "SHUTDOWN" command and kill the process. >> >> Shouldn't there be a config option or when compiling clamav, telling Clamd >> to ignore the shutdown command? I'm not an expert but this seems like a >> security risk. >> > Sorry for the mistakes, I should not top post. Also I do have the right mailing list. _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
