On 10 8 2004 at 4:08 pm -0400, Michael Carmack wrote:
>The pipe is necessary if you are running clamd as a different user than
>courier. For example, on my system clamd runs as the 'clamav' user, and
>courier runs as the 'courier' user. If the second approach is working
>for you, you must be running clamd and courier as the same user.
>(Personally I think this is not a good idea.)
Hmmm. Well since it is clamdscan which is reading the message, I presume
you are implying that it should be set{u|g}id clamav, but apparently mine
is not:
-rwxr-xr-x 1 root root 21304 Aug 10 09:34 /usr/bin/clamdscan
Should it be? (If so I'll file this as a gentoo bug...)
Nonetheless I still don't understand why your original code was hanging
my system. If courier wrote the message file and is invoking the command
line, there should be no permission problem with the cat...
>I am curious about the error you are getting though. I just installed
>the latest clamav (0.75.1), and I tested it with a couple viruses and it
>worked fine. This entry in the ChangeLog for 0.75.1 may be relevant:
>
> * clamdscan: fix stdin scanning in local mode (patch by Stephen
> Gran <steve*lobefin.net>)
>
>Try 0.75.1 and see if that solves the problem.
Bingo, that indeed solves the problem. Thanks for alerting me!
>> As an unrelated aside, I also earlier changed the result code ("virus
>> detected") from 500 to 577, which seems more consistent with the
>> semantics described in RFC 1893.
>
>I don't mind changing this, but what is your rationale?
In section 2, the "x.7.x" code represents a result due to "security or
policy status", such as "...failures involving policies such as per-
recipient or per-host filtering and cryptographic operations".
In section 3.8, the "x.7.7" code represents a "message integrity
failure", which is indicated "...because the message was corrupted or
altered".
These two conditions (security status relating to filtering, and failed
message integrity due to corruption) seem consistent with virus filtering
on the message, so I figured a 577 result was more informative than just
a 500. Not a biggie really, though.
-ben
--
Ben Kennedy, chief magician
zygoat creative technical services
613-228-3392 | 1-866-466-4628
http://www.zygoat.ca
-------------------------------------------------------
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
