[clamav-users] Stop clamdscan from stepping on itself?

Ian clamav at zestysoft.com
Sat Oct 19 11:46:06 EDT 2019



> On Oct 19, 2019, at 4:40 AM, G.W. Haywood via clamav-users <clamav-users at lists.clamav.net> wrote:
> 
> On Fri, 18 Oct 2019, Ian via clamav-users wrote:
>>> On Oct 18, 2019, at 10:10 AM, G.W. Haywood via clamav-users <clamav-users at lists.clamav.net> wrote:
>>> On Fri, 18 Oct 2019, Ian via clamav-users wrote:
>>> 
>>>> Government regulations require that I scan the entire filesystem daily --
>>> 
>>> Which government is this, and which regulations?
>> 
>> https://nvd.nist.gov/800-53/Rev4/control/RA-5
> 
> I don't see where that document requires what you say it requires.
> 

These controls relate to each other -- this one is more on point:

Malicious Code Protection

https://nvd.nist.gov/800-53/Rev4/control/SI-3 <https://nvd.nist.gov/800-53/Rev4/control/SI-3>

but it ties in with others like the one I cited before, and these:

Continuous Monitoring

https://nvd.nist.gov/800-53/Rev4/control/CA-7 <https://nvd.nist.gov/800-53/Rev4/control/CA-7>

Security Assessment and Authorization

https://nvd.nist.gov/800-53/Rev4/control/CA-2 <https://nvd.nist.gov/800-53/Rev4/control/CA-2>

All of these are /part/ of Fedramp.  Fedramp is not the only government regulation I have to deal with.


>> It was determined that we needed to do daily scans by auditors
>> familiar with these regulations.  Please don’t blame the victim.
> 
> Did these auditors recommend anti-virus scanning, or perhaps ClamAV?


This line of questioning is completely off-topic and unhelpful.  Even if it was the case that somehow I don't need to scan the /tmp folder due to government regulations, scanning temp folders is not an unreasonable request.  These are actual files on a file system that could very much contain malware.

Are you going to address why 'clamscan --tempdir /tmp /tmp' doesn't produce the same behavior, that 'clamdscan /tmp' does?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20191019/ab2b61b6/attachment.html>


More information about the clamav-users mailing list