[clamav-users] Using clamd across containers
Paul Kosinski
clamav-users at iment.com
Sat Jul 23 20:57:43 UTC 2016
Yes, thanks, but I'm already using TCPSocket for this purpose -- without
Containers.
My question is whether a file descriptor passed via a socket is valid
in a different container than where it was created. I can easily see the
kernel rejecting it as a security violation, maybe unless some option
is set for the Container(s), or on the FD itself. Even clamd(scan) might
have a problem, I suppose, if the FD mechanism wasn't designed with
Containers in mind.
On Sat, 23 Jul 2016 18:20:15 +0100 (BST)
"G.W. Haywood" <clamav at jubileegroup.co.uk> wrote:
> Hi there,
>
> On Sat, 23 Jul 2016, Paul Kosinski wrote:
>
> > ... Could this be made to work if clamd were running in a different
> > Linux container?
>
> Yes.
>
> man clamd.conf
>
> Look for 'TCPSocket'.
>
More information about the clamav-users
mailing list