cvs commit: ports/security/clamav-devel [...] pkg-install [...]
Oliver Eikemeier
eikemeier at fillmore-labs.com
Tue May 25 02:49:28 PDT 2004
rob at debank.tv wrote:
>>Hi,
>>
>>>>>>>On Mon, 24 May 2004 16:02:23 -0700 (PDT)
>>>>>>>Pav Lucistnik <pav at FreeBSD.org> said:
>>
>>[...]
>>pav> - Chmod 770 socket directory
>>pav> - Diff reduction against security/clamav port
>>
>>pav> PR: ports/67125
>>pav> Submitted by: Rob Evers <rob at debank.tv> (maintainer)
>>
>>Could you please change mode of /var/run/clamd to 750? Unless this
>>change, sendmail complains about it and doesn't run.
>>
>>Index: pkg-install
>>diff -u pkg-install.orig pkg-install
>>--- pkg-install.orig Tue May 25 15:57:11 2004
>>+++ pkg-install Tue May 25 17:56:03 2004
>>@@ -38,7 +38,7 @@
>>
>> echo "===> Setting permissions..."
>> mkdir -p "${CLAMRUN}"
>>-chmod 770 "${CLAMRUN}"
>>+chmod 750 "${CLAMRUN}"
>> chown "${CLAMAVUSER}:${CLAMAVGROUP}" "${CLAMRUN}"
>>
>> mkdir -p "${CLAMLOG}"
>>
>>Sincerely,
>>
>>--
>>Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
>>ume at mahoroba.org ume@{,jp.}FreeBSD.org
>>http://www.imasy.org/~ume/
>
> I can confirm this,
>
> Sendmail doesn't like group writable socket directorys, please apply this
> fix. (Bump PORTREVISION)
>
> Rob Evers
I still don't get the purpose of not allowing non-root processes
to use clamav. This would break my exim installation, fortunately
I'm using security/clamav, where this change hasn't been made.
-Oliver
More information about the cvs-ports
mailing list