Betr.: Owner/group/perms on /var/spool/MailScanner keep clamav from scanning

[Martijn]

Hi Arjan,

On 20-11-2012 13:27, Arjan Melein wrote:
> I have the incoming work group set to 'postfix' and unless you are using clamd instead of clamscan the AV will be launched as the same user MailScanner runs as which is 'postfix'.
> If you are running with clamd i'd suggest trying to run it as postfix as an easy fix, or add the clam user to the postfix group.
> If you're using clamscan change the work group to postfix.
> I actually have the permissions set to 0660, forgot if this is to fix AV problems or something to do with MailWatch.. its been a while since I installed our running machine.

I understand how running clamav as postfix would make the error 
disappear, but that kind of fix implies a lot more than just that. I 
wouldn't recommend doing it that way.

ClamAV has a history with vulnerabilities, for example the recent 
http://www.ubuntu.com/usn/usn-1482-1/ - it's not impossible a (future) 
vulnerability may somehow lead to someone accessing files that 
previously could only be read by postfix itself, instead of postfix and 
clamav.

I'm using clamd by the way - it's how the recent Baruwa package 
installed it.

- Martijn