Why not use the native perl function instead of calling out to system()?
In my plugins/clamav I added (right after the tempfile creation):
chmod 0640, $filename;
For troubleshooting purposes, it's handy to comment out the line:
unlink($filename);
about halfway down the clam_scan() function. Do that, then have someone
send you a known virus. Then `ls -lrt /tmp | tail` should yield your
incoming file(s). It'll be a 10-character scrambled-looking filename.
Copy that file out to somewhere safe then un-comment that line again so
you don't fill up your /tmp dir.
You can use that file for manual testing thru clamscan and clamdscan as
it is exactly what your MTA is feeding them at receive-time...
-f
On Fri, 30 Jan 2004, Bryan Scott wrote:
# I found out through some troubleshooting that the clamav user doesn't have
# access to read the files created by qpsmtpd to scan them, so it silently bows
# out. After adding a system("chmod a+r $tmpfile") it stopped complaining, but it
# still didn't catch the worm.
