Yes, thanks, but I'm already using TCPSocket for this purpose -- without Containers.
My question is whether a file descriptor passed via a socket is valid in a different container than where it was created. I can easily see the kernel rejecting it as a security violation, maybe unless some option is set for the Container(s), or on the FD itself. Even clamd(scan) might have a problem, I suppose, if the FD mechanism wasn't designed with Containers in mind. On Sat, 23 Jul 2016 18:20:15 +0100 (BST) "G.W. Haywood" <[email protected]> wrote: > Hi there, > > On Sat, 23 Jul 2016, Paul Kosinski wrote: > > > ... Could this be made to work if clamd were running in a different > > Linux container? > > Yes. > > man clamd.conf > > Look for 'TCPSocket'. > _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
