[Pkg-clamav-devel] chown clamav:adm /etc/clamav/freshclam.conf ?

Stephen Gran sgran at debian.org
Tue Sep 28 10:49:44 UTC 2010

This one time, at band camp, Michael Tokarev said:
> What's the reason of chown'ing the conffile in the postinst
> script -- in the first place (the conf files are usually
> owned by root:root, except of unusual conditions), and
> unconditionally, even if an admin changed the ownership
> locally?  To me the former is a serious bug, and the
> latter is a policy violation, but I'd like to know the
> reasoning before filing bugs.

The config file can have proxy user/password settings in it.  If this is
the case, we try to ensure that the file is readable by the freshclam
daemon, but not world readable.

|   ,''`.                                            Stephen Gran |
|  : :' :                                        sgran at debian.org |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/attachments/20100928/5b9bf4c0/attachment.pgp>

More information about the Pkg-clamav-devel mailing list