[Mimedefang] defang running as postfix user
gadnet at aqueos.com
Tue Dec 1 17:12:33 EST 2009
>> I have some little security question regarding mimedefang configuration as i
>> have issue running clamav and postfix with it because of socket owner's right.
>> Do you know if there is any security risk to run defang as the postfix user ?
>> Same question if i run mimedefang as the clamav user ?
> Normally, "mimedefang" is run as user "defang", "postfix" is run as "postfix" and "clamav" is
> run as user "defang" because it is "mimedefang" that calls "clamav". There may be other ways too.
> Depends on your requirements and situation.
yes the problem is that for a simple setup we need to:
- change the postfix/mimedefang init script to change the owner of the
- change the clamav config to use defang user and then change the files
to be owned by defang and restart them all.
I wondered if there was not a better solution. Supplementary group seems
to be completly not working in clamav, all tests done lead to suffering
and no to filtering , same thing i find no other solution to the postfix
"do not run as root" issue with mimedefang socket ;)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3529 bytes
Desc: S/MIME Cryptographic Signature
More information about the MIMEDefang