Re: [Qmail-scanner-general]problems with C wrapper

[Bookworm]

Looks like you forgot to remove the taint option from the 
qmail-scanner-queue.pl file.  Edit the file, and remove the -T option in 
the first line.

BW
Francisco Perez wrote:
Hello:
 
Maybe  you've seen this problem before, I'm having problems ruinning 
Qmail-scanner on suse 9.1, althought  I've chowned qscand.qscand and 
suid'ed the C wrapper, when qmail-scanner makes the 
/var/spool/qmailscanner/tmp/{dymanic-directory} It writtes with 
root.root permissionns, and most of the times I cannot even seen 
thesse directories created.
 
So Clamdscan (running as qscand) exits with ERROR can't access the 
file......
 
some settings I have..
 
more /usr/local/etc/clamav.conf | grep qscand
User qscand
 
 ls -l /usr/local/sbin/clamd
-rwxr-xr-x    1 root     root       128408 Jun 21 19:05 
/usr/local/sbin/clamd
ls -l /usr/local/bin/clamdscan
-rwxr-xr-x    1 root     root        49688 Jun 21 19:05 
/usr/local/bin/clamdscan
 
linux:/var/spool/qmailscan # ls -l
total 953
drwxr-xr-x    6 qscand   qscand        328 Jul  2 14:39 .
drwxr-xr-x   11 root     root          336 Jul  1 12:39 ..
drwxrwxr-x    5 qscand   qscand        120 Jul  1 11:14 archive
-rw--w----    1 qscand   qscand     946968 Jul  2 16:05 qmail-queue.log
-rw-------    1 root     root           37 Jul  2 14:39 
qmail-scanner-queue-version.txt
drwxrwxr-x    5 qscand   qscand        120 Jul  1 11:15 quarantine
-rw-r-----    1 root     root        12288 Jul  2 14:38 
quarantine-attachments.db
-rw-rw-r--    1 qscand   qscand       4279 Jun 25 13:49 
quarantine-attachments.txt
drwxrwxrwx    2 qscand   qscand         48 Jul  2 16:05 tmp
drwxrwxr-x    5 qscand   qscand        120 Jul  1 11:15 working
ls -l qmail-scanner-queue*
-rwsr-xr-x    1 qscand   qscand       8292 Jun 25 12:47 
qmail-scanner-queue
-rwxr-xr-x    1 qscand   qscand      86096 Jun 25 13:50 
qmail-scanner-queue.pl

If I try to run setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl 
-z  I get
 
USER       PID %CPU %MEM   VSZ  RSS TTY      STAT START   TIME COMMAND
francis  21679  0.0  0.3  2872 1684 pts/1    S    11:13   0:00 -bash
francis  21736  0.0  0.1  2664  688 pts/1    R    11:15   0:00  \_ ps -auf
francis  21334  0.0  0.3  2872 1684 pts/0    S    08:49   0:00 -bash
root     21660  0.0  0.2  2664 1156 pts/0    S    11:11   0:00  \_ su -
root     21661  0.0  0.3  2812 1648 pts/0    S    11:11   0:00      \_ 
-bash
root     21705  0.6  0.9  7460 4852 pts/0    S    11:14   
0:00          \_ /usr/bin/perl -T /var/qmail/bin/qmail-scan
root       904  0.0  0.0  1500  512 tty6     S    Jul01   0:00 
/sbin/mingetty tty6
root       903  0.0  0.0  1500  512 tty5     S    Jul01   0:00 
/sbin/mingetty tty5
root       902  0.0  0.0  1500  512 tty4     S    Jul01   0:00 
/sbin/mingetty tty4
root       901  0.0  0.0  1500  512 tty3     S    Jul01   0:00 
/sbin/mingetty tty3
root       900  0.0  0.0  1500  512 tty2     S    Jul01   0:00 
/sbin/mingetty tty2
root       899  0.0  0.0  1500  512 tty1     S    Jul01   0:00 
/sbin/mingetty --noclear tty1
 same for qmail-scanner-queue (C wrapper)
 
thanks for your help


-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - 
digital self defense, top technical experts, no vendor pitches, 
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Qmail-scanner-general mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general