[EMAIL PROTECTED] wrote:
Im having a problem with this new virus Trojan.Ascetic.C. I have clamav scanning mail through clamassassin (procmail). It isnt catching any of them. I have upgraded to the latest version of clamav and am using clamassassin 1.2.2. Any ideas how I can get it to start?Send clamav-users mailing list submissions to [email protected]
To subscribe or unsubscribe via the World Wide Web, visit http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users or, via email, send a message with subject or body 'help' to [EMAIL PROTECTED]
You can reach the person managing the list at [EMAIL PROTECTED]
When replying, please edit your Subject line so it is more specific than "Re: Contents of clamav-users digest..."
Today's Topics:
1. Re: 0.85 & 0.81.1 tha same troubles with milter (Jason Frisvold) 2. Re: 0.85 & 0.81.1 tha same troubles with milter (Brian Morrison) 3. Re: 0.85 & 0.81.1 tha same troubles with milter (Dennis Peterson) 4. Re: 0.85 & 0.81.1 tha same troubles with milter (Jim Maul) 5. Re: 0.85 & 0.81.1 tha same troubles with milter (Dennis Peterson) 6. Re: Re: virus passing through clamav-milter, but not through clamdscan! (Stephen Gran) 7. Re: sober.p and german adverts? ([EMAIL PROTECTED]) 8. Re: sober.p and german adverts? (Matt Fretwell) 9. Re: sober.p and german adverts? ([EMAIL PROTECTED])
----------------------------------------------------------------------
Message: 1 Date: Tue, 17 May 2005 14:26:46 -0400 From: Jason Frisvold <[EMAIL PROTECTED]> Subject: Re: [Clamav-users] 0.85 & 0.81.1 tha same troubles with milter To: ClamAV users ML <[email protected]> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=ISO-8859-1
On 5/17/05, Dennis Peterson <[EMAIL PROTECTED]> wrote:
You said it shouldn't log to / and there's no reason it shouldn't if that
is where one wishes it to log. There's lots of reasons why that would be a
bad idea, but it's an admin decision, not an application issue.
It sounds like clam is creating the log files *before* the root startup process hands over control to the user defined in the config files. In 0.84 and prior, it sounds like there was something that handed off an open filehandle to the defined user, but that filehandle was opened by root... I'm not sure if that's possible or not, so please correct me if I'm wrong.. :)
It seems that the current behaviour is more correct, but still not completely correct.. I would expect that when clamav starts, all control should be handed to the defined user immediately and then files should be created, opened, etc...
It's possible that the current problems are mostly due to pre-existing logfiles that are already owned by root, as opposed to new installations. To be honest, I haven't tried a new install to see if the files are still created with "improper" permissions.
dp ... did I mention I'm anal?
Isn't anal a required attribute for those who are security conscious? ;)
ddh
_______________________________________________ http://lurker.clamav.net/list/clamav-users.html
