eTrust Virus Scanner - New FAQomatic subcatagory

Kevin Spicer kevins at BMRB.CO.UK
Wed Sep 17 21:08:33 IST 2003 

On Wed, 2003-09-17 at 20:30, Hancock, Scott wrote:

>Boy if the "add subcategory" is there I can't see it.  It wouldn't be
>the first time however.

A the bottom of the page select 'appearance'.  Then set it to show
expert editing commands.  (this gives you lots of functionality but
looks awful!)

>Here is my "How to".

>http://www.morganco.com/EtrustSetup.html

>Any comment on the "How to"?  I think I got everything.

I still think that you don't need the autoupdate stuff.  The mailscanner
autoupdate is called by update_virus_scanners in /etc/cron.hourly, so is
running as root (theres nothing in there to drop privileges).  I'd
suggest that stages 4,5,6 may be redundant.  I have a hunch that your
scanner is being updated both by MailScanner and your script.

I'd also suggest moving your scripts to a more suitable location, really
your home directory shouldn't be readable by other users.
/usr/lib/MailScanner is probably a good place (keep everything
together).  I would also take care to set suitable ownership and
permissions on scripts, particularly on multi user systems.  Because
your script is run via sudo it is run with root permissions, so would be
a gift to an attacker.  You should set it to owner root, group root,
mode 755 and make sure that the parent directory is also owned by root
and set to 755.

Heaven only knows why you needed to reboot, this isn't Windows!

And please don't call me Mr! ;)




BMRB International
http://www.bmrb.co.uk
+44 (0)20 8566 5000
_________________________________________________________________
This message (and any attachment) is intended only for the
recipient and may contain confidential and/or privileged
material.  If you have received this in error, please contact the
sender and delete this message immediately.  Disclosure, copying
or other action taken in respect of this email or in
reliance on it is prohibited.  BMRB International Limited
accepts no liability in relation to any personal emails, or
content of any email which does not directly relate to our
business.

More information about the MailScanner mailing list