eTrust Virus Scanner - New FAQomatic subcatagory

Hancock, Scott HancockS at MORGANCO.COM
Wed Sep 17 22:07:25 IST 2003 

Thanks for the review. 

I was wondering if the sudo autoupdate script was necessary.  I'll test
running it as root.  I had asked the list yesterday if setting "run as
mail" in Mailscanner.conf meant that all of MailScanner including the
autoupdate script also would run as mail.

Ps aux yields:

mail       496  0.0  1.1 14048 11828 ?       S    09:28   0:00
/usr/bin/perl -I/opt/MailScanner/lib /opt/MailScanner/bin/MailScanner
/opt/MailScanner/etc/MailScanner.conf

I didn't get into the file locations because of different linux
distributions.  I'm on Debian and don't have a cron.hourly and I run
from the tar distribution of mailscanner because of the large gap in
Debian packages. Although Matthias Klose has graciously started as the
packaged maintainer (again is it?), I haven't converted back to the .deb
install.  In short I don't have a /usr/lib/MailScanner.  My home
directory is probably a poor choice, but given the iterations I was
going thru /opt/Mailscanner I didn't want to accidentally rm -R * them
either.

The files in /home/scott/scripts are root:root 755 already.  

I'll edit based on your comments tomorrow.

Ahem "Kevin", thanks for the "appearance" pointer.  I got the
subcategory set.

Scott



 



 >-----Original Message-----
 >From: Kevin Spicer [mailto:kevins at BMRB.CO.UK]
 >Sent: Wednesday, September 17, 2003 4:09 PM
 >To: MAILSCANNER at JISCMAIL.AC.UK
 >Subject: Re: eTrust Virus Scanner - New FAQomatic subcatagory
 >
 >On Wed, 2003-09-17 at 20:30, Hancock, Scott wrote:
 >
 >>Boy if the "add subcategory" is there I can't see it.  It wouldn't be
 >>the first time however.
 >
 >A the bottom of the page select 'appearance'.  Then set it to show
 >expert editing commands.  (this gives you lots of functionality but
 >looks awful!)
 >
 >>Here is my "How to".
 >
 >>http://www.morganco.com/EtrustSetup.html
 >
 >>Any comment on the "How to"?  I think I got everything.
 >
 >I still think that you don't need the autoupdate stuff.  The
mailscanner
 >autoupdate is called by update_virus_scanners in /etc/cron.hourly, so
is
 >running as root (theres nothing in there to drop privileges).  I'd
 >suggest that stages 4,5,6 may be redundant.  I have a hunch that your
 >scanner is being updated both by MailScanner and your script.
 >
 >I'd also suggest moving your scripts to a more suitable location,
really
 >your home directory shouldn't be readable by other users.
 >/usr/lib/MailScanner is probably a good place (keep everything
 >together).  I would also take care to set suitable ownership and
 >permissions on scripts, particularly on multi user systems.  Because
 >your script is run via sudo it is run with root permissions, so would
be
 >a gift to an attacker.  You should set it to owner root, group root,
 >mode 755 and make sure that the parent directory is also owned by root
 >and set to 755.
 >
 >Heaven only knows why you needed to reboot, this isn't Windows!
 >
 >And please don't call me Mr! ;)
 >
 >
 >
 >
 >BMRB International
 >http://www.bmrb.co.uk
 >+44 (0)20 8566 5000
 >_________________________________________________________________
 >This message (and any attachment) is intended only for the
 >recipient and may contain confidential and/or privileged
 >material.  If you have received this in error, please contact the
 >sender and delete this message immediately.  Disclosure, copying
 >or other action taken in respect of this email or in
 >reliance on it is prohibited.  BMRB International Limited
 >accepts no liability in relation to any personal emails, or
 >content of any email which does not directly relate to our
 >business.

More information about the MailScanner mailing list