eTrust Virus Scanner
Kevin Spicer
kevins at BMRB.CO.UK
Fri Sep 12 19:34:04 IST 2003
On Fri, 2003-09-12 at 18:50, Hancock, Scott wrote:
>My dev server is now responding identically.
>Mailscanner is reporting only clam is analizing the attachment.
Okay theres a lot of info there, some of which is a bit misleading.
Heres what I think is happening....
inocmd32 needs the LD_LIBRARY_PATH setting as shown...
/opt/eTrustAntivirus/secu/lib:/opt/eTrustAntivirus/ino/config:/opt/eTrus
tAntivirus/ino/lib
Is also needs to be run as root, unfortunately running it suid doesn't
work. In all probability it is checking the Real User ID rather than
the Effective User ID.
The only immediately obvious way to get round this (to me, right now
that is) is to have the program called by a SUID program, rather than
being SUID itself (so that it inherits the parent processes EUID as its
UID). The obvious way to do this is with sudo [someone did suggest that
previously].
First, restore the original permissions to the inocmd32 binary (and
clean up all the other changes if you like) then create the following
sudo configuration (make sure you edit the file with visudo).
##Begin sudoers file
User_Alias MAIL = mail
Runas_Alias ROOT = root
Host_Alias LOCALHOST = 127.0.0.1
Cmnd_Alias ETRUST = /opt/eTrustAntivirus/ino/bin/inocmd32
Defaults mailto = you at yourdomain.com
Defaults env_reset = true
Defaults env_keep = LD_LIBRARY_PATH
MAIL LOCALHOST = (ROOT) NOPASSWD: ETRUST
## End sudoers file
Then modify the command in the last line of the etrust wrapper to
read...
exec sudo $prog $ScanOptions "$@"
Then test!
BMRB International
http://www.bmrb.co.uk
+44 (0)20 8566 5000
_________________________________________________________________
This message (and any attachment) is intended only for the
recipient and may contain confidential and/or privileged
material. If you have received this in error, please contact the
sender and delete this message immediately. Disclosure, copying
or other action taken in respect of this email or in
reliance on it is prohibited. BMRB International Limited
accepts no liability in relation to any personal emails, or
content of any email which does not directly relate to our
business.
More information about the MailScanner
mailing list