Citeren Michael Orlitzky via clamav-users <clamav-users@lists.clamav.net>:
On 2020-08-21 08:11, Arjen de Korte via clamav-users wrote:Not unconditionally. See the following from 'man 5 systemd.service': "The PID file does not need to be owned by a privileged user, but if it is owned by an unprivileged user additional safety restrictions are enforced: the file may not be a symlink to a file owned by a different user (neither directly nor indirectly), and the PID file must refer to a process already belonging to the service."FWIW this was committed on Jan 8th 2018, and solves the problem by keeping a separate pid <-> process <-> service map that's writable only by root. The patch in question provides the same security to other service managers.
Great, but what happened to daemonizing clamd? _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
