[Mimedefang] clamd is not responding?

Douglas J Hunley doug at hunley.homeip.net
Mon Oct 28 23:00:02 EST 2002

Hash: SHA1

Jason Englander spewed electrons into the ether that resembled:
> Some do, yes - but when you're dropping privs to user 'defang' you want it
> to go into a directory that 'defang' can read/write to.  Like your MD
> spool directory.  The socket goes there for the same reason.

ok, but I had created subdirs under /var/run and it could write to the correct 

> If someone is able to exploit something acting as smmsp they can do
> anything that smmsp can do, they can read/write to files and dirs that
> smmsp can.  Why broaden that to include anything more than (parts of)
> sendmail?  You could run MIMEDefang as user nobody, but if someone breaks
> in through a hole in Apache - now they can mess with both.

OK. I guess we just see this differently. I see it that if they exploit *any* 
part of the mail process, they might as well own any other part of the mail 
process..., but that's just me.

> It was the limit of threads you had set, right?  (for those that don't
> read the clamav mailing list)

seems to have been. I had to go to 200 threads to get it to quit bitching
- -- 
Douglas J Hunley (doug at hunley.homeip.net) - Linux User #174778
Admin: Linux StepByStep - http://www.linux-sxs.org
	and http://jobs.linux-sxs.org

/* vsprintf.c -- Lars Wirzenius & Linus Torvalds. */
 * Wirzenius wrote this portably, Torvalds fscked it up :-)
	2.2.16 /usr/src/linux/lib/vsprintf.c
Version: GnuPG v1.2.1 (GNU/Linux)


More information about the MIMEDefang mailing list