Date: Tue, 25 May 2004 13:27:23 +0200
From: Oliver Eikemeier <eikemeier@fillmore-labs.com>
To: rob@debank.tv
Cc: ports-committers@freebsd.org
Subject: Re: cvs commit: ports/security/clamav-devel [...] pkg-install [...]
Message-ID: <40B32D9B.7060109@fillmore-labs.com>
In-Reply-To: <61184.193.79.18.58.1085480636.squirrel@debank.tv>
References: <200405242302.i4ON2NcJ063759@repoman.freebsd.org> <ygehdu4ubgm.wl%ume@FreeBSD.org> <52001.193.79.18.58.1085477488.squirrel@debank.tv> <40B3167F.8060509@fillmore-labs.com> <50813.193.79.18.58.1085479430.squirrel@debank.tv> <40B31D4A.5080607@fillmore-labs.com> <61184.193.79.18.58.1085480636.squirrel@debank.tv>

rob@debank.tv wrote:
>>rob@debank.tv wrote:
>
>
> --8<----
> snipped
> --8<----
>
>
>>>>I still don't get the purpose of not allowing non-root processes
>>>>to use clamav. This would break my exim installation, fortunately
>>>>I'm using security/clamav, where this change hasn't been made.
>>>>
>>>>-Oliver
>>>
>>>Isn't there a security risk allowing every user to read the clamd socket
>>>?
>>>(that's why I made this change).
>>
>>None that I would be aware of. Of course local users could run a
>>denial-of-service
>>attack using clamdscan, but I don't think this is an adequate counter
>>measure.
>>
>>What made you think that having every user being able to read the clamd
>>socket is a security risk?
>>
>>-Oliver
>
> Doesn't the scanned e-mail pass through the socket allowing every user to
> read all scanned e-mails ?

No, that would be a really badly designed system. What made you think that this
might be the case?

-Oliver
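
The question in this thread turns on what read/write permission on a Unix stream socket grants. The following is an added example, not part of the original message and not clamd code: it shows that on a world-accessible `AF_UNIX` stream socket each client gets its own connection, so a second client sees none of the first client's traffic. The socket path, payload and reply are constructed for illustration.

```python
import os
import socket
import stat
import tempfile


def demo_isolation():
    """Return (reply seen by client A, bytes seen by client B, socket mode)."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "scanner.sock")  # hypothetical socket path
        server = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        server.bind(path)
        os.chmod(path, 0o666)  # any local user may connect
        server.listen(2)
        mode = stat.S_IMODE(os.stat(path).st_mode)

        # Two independent clients, standing in for two local users.
        client_a = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        client_a.connect(path)
        conn_a, _ = server.accept()
        client_b = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        client_b.connect(path)
        conn_b, _ = server.accept()

        # Client A submits data; the server answers on A's connection only.
        client_a.sendall(b"constructed mail body from user A")
        conn_a.recv(4096)
        conn_a.sendall(b"OK (constructed reply)")
        reply_a = client_a.recv(4096)

        # Client B polls its own connection: nothing from A arrives there.
        client_b.setblocking(False)
        try:
            seen_by_b = client_b.recv(4096)
        except BlockingIOError:
            seen_by_b = b""

        for s in (client_a, client_b, conn_a, conn_b, server):
            s.close()
        return reply_a, seen_by_b, mode


if __name__ == "__main__":
    print(demo_isolation())
```

Permission on the socket file controls who may open a new connection to the daemon, which is why resource exhaustion by local users remains the relevant concern rather than disclosure of other clients' data.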