At 28/09/2004 28/09/2004 +0200, you wrote:

Simscan creates the working directory with a privilege of 700. in this way clamd
must run with the same owner of simscan to access the msg.

They work on the same files (and only on those files), so why should they have different users?

I feel this design to be very safe, because clamd should be dedicated to e-mail only.
There should be more safety having them only accessing the files with the same uid/permissions.

To complete the security of the system, clamd client should be activated by simscan user only.

Changing the privilege to 755 clamd and spamd can access the working
directory regardless of clamd process user.

mod 755 means every one in the system may access those files.



To apply the change -  search this

  /* create the directory */
  if ( mkdir(workdir, 0700) == -1 ) {

and replace with this

  /* create the directory */
  if ( mkdir(workdir, 0755) == -1 ) {


------------------------------------------------------------ [EMAIL PROTECTED] Interazioni di Antonio Nati [EMAIL PROTECTED] ------------------------------------------------------------

Reply via email to