Open source systems have begun to "get" the virus to care. The gdk-pixbuf software package has been identified by ClamAV antivirus software as virus infection since the releases after gdk-pixbuf-2.37:
The clamdscan virus scanning program of ClamAV package might use unix socket. If we run clamdscan on its own clamscan_t domain, only this domain accesses the socket instead of the user domain. Security policy module clamav is installed by default. However, some of its interfaces have not been used yet. We use clamav_domtrans_clamscan interface to transition domain from user domain to private domain clamscan_t
clamav_domtrans_clamscan(staff_t)
An assignment of the user role to the clamscan_t domain is necessary for security context computing
role staff_r types clamscan_t;
The last requirement is to allow the clamscan_t domain to access the socket
allow clamscan_t init_t:unix_stream_socket connectto;
Now clamdscan runs in clamscan_t domain
Contact: tuyen@omarine.org
Comments
There are currently no comments
New Comment