Re: [Dazuko-devel] Re: Dazuko device owned by non-root user

dazuko-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Dazuko-devel] Re: Dazuko device owned by non-root user

From:	John Ogness
Subject:	Re: [Dazuko-devel] Re: Dazuko device owned by non-root user
Date:	Fri, 23 Dec 2005 22:05:48 +0100
User-agent:	Debian Thunderbird 1.0.2 (X11/20051010)

robert wrote:
> Thank you for such a detailed response John. Unfortunately, an sgid based 
> solution may not be practical for KlamAV - since the scanner is currently 
> external to KlamAV (i.e. clamd)  and only the source distribution could be 
> sure of altering the permissions on the binary at install stage. (Unless I'm 
> missing a trick!)
> 
> So it does sound that the simplest and safest solution is to access dazuko as 
> root - less user friendly, but definitely safer until I figure a good way of 
> implementing your recommendation.

I'm not familiar with KlamAV, its relationship to clamd, or how the
packages you are refering to are installed. But I don't see why you
can't change the permissions of clamd during KlamAV installation. KlamAV
could even check to make sure that the permissions are set "correctly"
when starting. This is surely easier than trying to run everything as root.

I would expect the current clamav (specifically clamuko) maintainer(s)
to share your goal of supporting a non-priveledged on-access scanner.
Perhaps you can discuss this with them. ??

John Ogness

-- 
Dazuko Maintainer

[Prev in Thread]

Current Thread

[Next in Thread]

[Dazuko-devel] Re: Dazuko device owned by non-root user, John Ogness, 2005/12/23
- [Dazuko-devel] Re: Dazuko device owned by non-root user, robert, 2005/12/23
  - Re: [Dazuko-devel] Re: Dazuko device owned by non-root user, John Ogness <=

Prev by Date: [Dazuko-devel] Re: Dazuko device owned by non-root user
Previous by thread: [Dazuko-devel] Re: Dazuko device owned by non-root user
Index(es):
- Date
- Thread