Running clamd as Root?

Rick Cooper rcooper at dwford.com
Mon Jul 16 20:49:26 IST 2007


I run it as root myself, of course there is always the remote possibility of
an issue but there are no shell accounts (except mine) on my mail (or web,
proxy, etc) servers everything is virtual (with exim/dovecot/pure-ftpd). I
also use a Unix socket rather than TCP socket. IIRC the default clam install
runs as root (not default package as that is up to the maintainers). But I
also use clamd with viralator and Squid so it's just easier.

Rick

 > -----Original Message-----
 > From: mailscanner-bounces at lists.mailscanner.info 
 > [mailto:mailscanner-bounces at lists.mailscanner.info] On 
 > Behalf Of Paul Hutchings
 > Sent: Tuesday, July 17, 2007 12:17 AM
 > To: MailScanner discussion
 > Subject: Running clamd as Root?
 > 
 > I appreciate this isn't strictly a MailScanner issue, but as 
 > this box is
 > dedicated to Postfix/MailScanner I thought I'd ask here.
 > 
 > I'd been having awful trouble getting MailScanner to work with clamd
 > with Postfix as my MTA.  Doubtless due to permissions and my lack of
 > understanding of how they work in fine detail on *nix.
 > 
 > One suggestion (the simplest) was to simply run clamd as root.
 > 
 > I've done this and it appears to be working, and appears to 
 > be an order
 > of magnitude quicker than using "clamav".
 > 
 > I'd appreciate a sanity check on whether there is any harm in doing
 > this?
 > 
 > I've checked and clams is only listening on port 3310 on 127.0.0.1
 > 
 > TIA
 > 
 > 
 > -- 
 > MIRA Ltd.
 > 
 > Watling Street, Nuneaton, Warwickshire, CV10 0TU, England.
 > 
 > Registered in England No. 402570
 > VAT Registration  GB 114 5409 96
 > 
 > The contents of this e-mail are confidential and are solely 
 > for the use of the intended recipient.
 > If you receive this e-mail in error, please delete it and 
 > notify us either by e-mail, telephone or fax.
 > You should not copy, forward or otherwise disclose the 
 > content of the e-mail as this is prohibited.
 > 
 > 
 > --
 > MailScanner mailing list
 > mailscanner at lists.mailscanner.info
 > http://lists.mailscanner.info/mailman/listinfo/mailscanner
 > 
 > Before posting, read http://wiki.mailscanner.info/posting
 > 
 > Support MailScanner development - buy the book off the website!
 > 
 > --
 > This message has been scanned for viruses and
 > dangerous content by MailScanner, and is
 > believed to be clean.
 > 
 > 


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.




More information about the MailScanner mailing list