ports/67125: Update security/clamav-devel and secure socket
rob at debank.tv
rob at debank.tv
Mon May 24 16:51:06 UTC 2004
The following reply was made to PR ports/67125; it has been noted by GNATS.
From: rob at debank.tv
To: "Oliver Eikemeier" <eikemeier at fillmore-labs.com>
Cc: rob at debank.tv, freebsd-gnats-submit at freebsd.org
Subject: Re: ports/67125: Update security/clamav-devel and secure socket
Date: Mon, 24 May 2004 18:43:33 +0200 (CEST)
> rob at debank.tv wrote:
>
>>>Rob Evers wrote:
>>>
>>>>Chmod 770 the socket directory
>>>
>>>What is the purpose of making the directory group writable and
>>>the pid unreadable for other processes?
>>>
>>>-Oliver
>>
>> Mmm, I did this because the clamd socket is rwxrwxrwx, so every user on
>> the system can read the socket, but I guess this is not a good solution
>> ;-)
>
> Do you want to guard against a local denial-of-service attack, or what is
> the problem with that?
>
> -Oliver
>
No, but I want to be sure that scanned e-mails can't be read by 'normal'
system users.
Rob
More information about the freebsd-ports-bugs
mailing list