> On 5 Feb 2020, at 12:38 pm, Ralph Seichter via clamav-users > <[email protected]> wrote: > > * Michael Orlitzky via clamav-users: > >> I've been dragging my feet on these updates because I don't know how >> to fix this. The least-bad idea I have so far is to just patch the >> script to die if it's run as EUID == 0. > > I have run the steps the script would perform when run as root manually > because I refuse to run this particular script as root, ever. I have > seen some risky scripts over the years, but this one should be tossed > and rewritten in a secure fashion (quite possibly not in BASH). > > -Ralph
The author of the script probably does not read this mailing list. Have you put your concerns into the issue tracker on GitHub? https://github.com/extremeshok/clamav-unofficial-sigs <https://github.com/extremeshok/clamav-unofficial-sigs>/issues James.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
