On Mon, Jan 15, 2007 at 05:41:52PM -0800, Dennis Peterson said: > It required a visit to the Makefile to see where the user was being > defined and you're right. I did not know this about clamscan and don't > yet understand the rationale, but it does have an impact on systems > where clamscan is intended to be used but not clamd nor clamdscan - > stand alone systems, in other words. I'll have to tweek my Cfengine > configs some. > > Does anyone know what this code is supposed to protect?
My impression is that it is for unpacking archives and following symlinks and so forth - it deliberately drops privileges before doing so, so that sensitive files aren't tampered with, Maybe one of the dev team can shed more light on the subject, but that's what a quick glance through the code suggests. -- -------------------------------------------------------------------------- | Stephen Gran | Often statistics are used as a drunken | | [EMAIL PROTECTED] | man uses lampposts -- for support | | http://www.lobefin.net/~steve | rather than illumination. | --------------------------------------------------------------------------
signature.asc
Description: Digital signature
_______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
