eTrust Virus Scanner

Kevin Spicer kevins at BMRB.CO.UK
Fri Sep 12 19:34:04 IST 2003 

On Fri, 2003-09-12 at 18:50, Hancock, Scott wrote:

>My dev server is now responding identically.

>Mailscanner is reporting only clam is analizing the attachment.

Okay theres a lot of info there, some of which is a bit misleading.
Heres what I think is happening....

inocmd32 needs the LD_LIBRARY_PATH setting as shown...

/opt/eTrustAntivirus/secu/lib:/opt/eTrustAntivirus/ino/config:/opt/eTrus
tAntivirus/ino/lib

Is also needs to be run as root, unfortunately running it suid doesn't
work.  In all probability it is checking the Real User ID rather than
the Effective User ID.

The only immediately obvious way to get round this (to me, right now
that is) is to have the program called by a SUID program, rather than
being SUID itself (so that it inherits the parent processes EUID as its
UID).  The obvious way to do this is with sudo [someone did suggest that
previously].

First, restore the original permissions to the inocmd32 binary (and
clean up all the other changes if you like) then create the following
sudo configuration (make sure you edit the file with visudo).



##Begin sudoers file

User_Alias      MAIL = mail
Runas_Alias     ROOT = root
Host_Alias      LOCALHOST = 127.0.0.1
Cmnd_Alias      ETRUST = /opt/eTrustAntivirus/ino/bin/inocmd32
Defaults        mailto = you at yourdomain.com
Defaults        env_reset = true
Defaults        env_keep = LD_LIBRARY_PATH

MAIL  LOCALHOST = (ROOT) NOPASSWD: ETRUST

## End sudoers file

Then modify the command in the last line of the etrust wrapper to
read...
exec sudo $prog $ScanOptions "$@"


Then test!







BMRB International
http://www.bmrb.co.uk
+44 (0)20 8566 5000
_________________________________________________________________
This message (and any attachment) is intended only for the
recipient and may contain confidential and/or privileged
material.  If you have received this in error, please contact the
sender and delete this message immediately.  Disclosure, copying
or other action taken in respect of this email or in
reliance on it is prohibited.  BMRB International Limited
accepts no liability in relation to any personal emails, or
content of any email which does not directly relate to our
business.

More information about the MailScanner mailing list