Date: Mon, 24 May 2004 09:50:29 -0700 (PDT) From: rob@debank.tv To: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/67125: Update security/clamav-devel and secure socket Message-ID: <200405241650.i4OGoTSZ068582@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/67125; it has been noted by GNATS. From: rob@debank.tv To: "Oliver Eikemeier" <eikemeier@fillmore-labs.com> Cc: rob@debank.tv, freebsd-gnats-submit@freebsd.org Subject: Re: ports/67125: Update security/clamav-devel and secure socket Date: Mon, 24 May 2004 18:43:33 +0200 (CEST) > rob@debank.tv wrote: > >>>Rob Evers wrote: >>> >>>>Chmod 770 the socket directory >>> >>>What is the purpose of making the directory group writable and >>>the pid unreadable for other processes? >>> >>>-Oliver >> >> Mmm, I did this because the clamd socket is rwxrwxrwx, so every user on >> the system can read the socket, but I guess this is not a good solution >> ;-) > > Do you want to guard against a local denial-of-service attack, or what is > the problem with that? > > -Oliver > No, but I want to be sure that scanned e-mails can't be read by 'normal' system users. Rob
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200405241650.i4OGoTSZ068582>