[Mimedefang] Using ClamAV with default run-as-user settings
Kenneth Porter
shiva at sewingwitch.com
Wed Feb 11 19:31:41 EST 2004
--On Wednesday, February 11, 2004 5:41 PM +0000 Rob
<rob_macgregor at hotmail.com> wrote:
> I've found a simple fix - put the following in your mimedefang-filter:
>
> $ClamdSock = "/var/run/clamav/clamd";
>
> I'm now happily running clamd as the default user clamav without issue. No
> more ownership or upgrade issues. Maybe we could ask that this becomes the
> default location for future use, or a search list is used (try the default
> clamd location first, then the MD custom location second)?
But can the clamd user access the defang-owned directories? My concern was
that it couldn't because the directory was mode 700. The fix would be to
create directories as 770 (files within as 660) and add clamd to the defang
group. Any reason that MD doesn't use 770/660? (It may be a RedHat-ism that
the user and group have the same name and ID.) I'd be happy if it was a
compile-time option, perhaps triggered by distro detection.
More information about the MIMEDefang
mailing list