[Mimedefang] Mimedefang and clamd configuration problems

Matthew.van.Eerde at hbinc.com Matthew.van.Eerde at hbinc.com
Wed Dec 21 15:30:11 EST 2005


Dave Helton wrote:
> 	./configure --with-user=defang --with-group=defang
...
> Since I only use clamd with MD on my server I don't see this as
> a security issue.  Someone chirp up if the above raises a concern.

Umm... the only security worry is that if someone hoses clamav (say, through a buffer overflow) then clamav will have *write* access to the MIMEDefang spool.

The other method... adding clamav to the defang group and adding group-read access to the spool... would give the hacker only *read* access to the MIMEDefang spool.

But ClamAV is not likely to be exploited... AV software tends to be more secure than software in-the-main.

-- 
Matthew.van.Eerde (at) hbinc.com               805.964.4554 x902
Hispanic Business Inc./HireDiversity.com       Software Engineer



More information about the MIMEDefang mailing list