[clamav-users] OnAccessScan doesn't prevent Access
vamp898
vamp898 at ignaz.org
Thu Nov 8 09:25:39 UTC 2018
Hi there,
i am running an Kernel 4.19.1 System with fanotify enabled
CONFIG_FANOTIFY=y
CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y
And i enabled OnAccessScan in clamd
OnAccessMountPath /var/www/localhost/htdocs/nextcloud/data
OnAccessMaxFileSize 50M
OnAccessPrevention yes
But he does not block the access :(
cat
/var/www/localhost/htdocs/nextcloud/data/administrator/files/eicar.com
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
This is how the logs looks like when i do this
Thu Nov 8 10:13:51 2018 -> ScanOnAccess: notifying only for access
attempts.
Thu Nov 8 10:13:51 2018 -> ScanOnAccess: Protecting
'/var/www/localhost/htdocs/nextcloud/data' and rest of mount.
Thu Nov 8 10:13:51 2018 -> ScanOnAccess: Max file size limited to
52428800 bytes
Thu Nov 8 10:15:09 2018 -> ScanOnAccess:
/var/www/localhost/htdocs/nextcloud-14.0.3/data/administrator/files/eicar.com:
Eicar-Test-Signature FOUND
Any help highly appriciated =)
More information about the clamav-users
mailing list