© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
67d34a1
(Get the code!)
Actually, I was just using my homedir as an example. I was actually debugging an issue that a colleague of mine was having with interfacing with clamd in a web application. A quick googling suggests that this issue is causing problems for quite a few people - it's certainly not very user-friendly, and the security benefits are questionable. clamd is already running as a normal user, so shouldn't be able to access sensitive files anyway. I'm not sure what the point is of locking it down further - at least, not by default.
The clamdscan manpage describes clamdscan as:
clamdscan is a clamd client which may be used as a clamscan replacement.
If you're going to lock down clamd in this way, then this is incorrect, and the manpage should be updated to reflect this.