On Fri, Jan 28, 2005 at 06:40:32AM -0700, Hal Goldfarb said: > On Friday 28 January 2005 03:31, Niek wrote: > > On 1/28/2005 11:25 AM +0100, Hal Goldfarb wrote: > > > clamdscan uses the clamd daemon to perform scans, and since it runs as > > > user clamav (or the like), it does not have enough permissions to scan > > > calling user's directories if they are protected. > > > > > > For instance, my .tvtime subdirectory in my home will be scanned by > > > clamscan, but will generate errors using clamdscan. I understand why, > > > but isn't this some sort of shortcoming of this design? > > > > > > I will use clamscan, not clamdscan, until this can be addressed. > > > > Run clamd as a user with enough privileges. > > > > Niek > > Er, uh, unless Linux has invented some permissions schemes I do not know > about > (which is entirely possible), I think that would be root. And that is > probably not such a great idea.
Use group permissions. If your users are in group users (a pretty common configuration for multi-user systems), then just add clamv to group users, and make sure AllowSupplementaryGroups is in clamd.conf. -- -------------------------------------------------------------------------- | Stephen Gran | About the only thing on a farm that has | | [EMAIL PROTECTED] | an easy time is the dog. | | http://www.lobefin.net/~steve | | --------------------------------------------------------------------------
pgpqqiEUeRID8.pgp
Description: PGP signature
_______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
