[clamav-users] OnAccessScan doesn't prevent Access

vamp898 vamp898 at ignaz.org
Thu Nov 8 09:25:39 UTC 2018


Hi there,

i am running an Kernel 4.19.1 System with fanotify enabled

CONFIG_FANOTIFY=y
CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y

And i enabled OnAccessScan in clamd

OnAccessMountPath /var/www/localhost/htdocs/nextcloud/data
OnAccessMaxFileSize 50M
OnAccessPrevention yes

But he does not block the access :(

cat 
/var/www/localhost/htdocs/nextcloud/data/administrator/files/eicar.com
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

This is how the logs looks like when i do this

Thu Nov  8 10:13:51 2018 -> ScanOnAccess: notifying only for access 
attempts.
Thu Nov  8 10:13:51 2018 -> ScanOnAccess: Protecting 
'/var/www/localhost/htdocs/nextcloud/data' and rest of mount.
Thu Nov  8 10:13:51 2018 -> ScanOnAccess: Max file size limited to 
52428800 bytes
Thu Nov  8 10:15:09 2018 -> ScanOnAccess: 
/var/www/localhost/htdocs/nextcloud-14.0.3/data/administrator/files/eicar.com: 
Eicar-Test-Signature FOUND

Any help highly appriciated =)



More information about the clamav-users mailing list