ClamAV and MailScanner Bug
Desai, Jason
jase at SENSIS.COM
Thu May 5 18:12:37 IST 2005
Julian Field wrote:
> Desai, Jason wrote:
>> Julian, I think I've suggested this before, but don't remember
>> hearing back from you about it. Would it be possible for
>> MailScanner (possibly only once at startup) to determine the real
>> path of the Incoming Work Directory and use that, so that symbolic
>> links would be allowed?
>>
>> Granted, people are not reading the comments in the config file, and
>> are misconfiguring their servers. But to detect and still deliver a
>> virus is not a good thing. And I think with some simple code,
>> MailScanner could reduce the risk of such a misconfigured server.
>> What do you think?
>>
>>
> How would you recommend I do this in a platform-agnostic way? I
> certainly wouldn't trust `pwd`.
I don't know if this is platform-agnostic or not, but what about abs_path
from Cwd? It seems to be a part of the base perl installation, at least for
Debian. Here's a link to a previous post where I gave a small example of
how you could use it.
http://www.jiscmail.ac.uk/cgi-bin/webadmin?A2=ind04&L=mailscanner&P=R555044&
I=-3
If the check was just done once at startup, I don't think it would be too
expensive or hurt performance.
Jase
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list