When clamd is listening via TCPsocket it seems to be possible for any user to shut it down by sending SHUTDOWN using e.g. telnet clamdhost 3310 SHUTDOWN
Can this behaviour be disabled or restricted? It would appear that this could be abused for a DOS attack against a clamav server. _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html