[Pkg-clamav-devel] chown clamav:adm /etc/clamav/freshclam.conf ?
Stephen Gran
sgran at debian.org
Tue Sep 28 10:49:44 UTC 2010
This one time, at band camp, Michael Tokarev said:
> What's the reason of chown'ing the conffile in the postinst
> script -- in the first place (the conf files are usually
> owned by root:root, except of unusual conditions), and
> unconditionally, even if an admin changed the ownership
> locally? To me the former is a serious bug, and the
> latter is a policy violation, but I'd like to know the
> reasoning before filing bugs.
The config file can have proxy user/password settings in it. If this is
the case, we try to ensure that the file is readable by the freshclam
daemon, but not world readable.
Cheers,
--
-----------------------------------------------------------------
| ,''`. Stephen Gran |
| : :' : sgran at debian.org |
| `. `' Debian user, admin, and developer |
| `- http://www.debian.org |
-----------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/attachments/20100928/5b9bf4c0/attachment.pgp>
More information about the Pkg-clamav-devel
mailing list