[clamav-users] ClamAV Daemon Log - Filepath of the infected file

Matus UHLAR - fantomas uhlar at fantomas.sk
Thu Sep 19 18:48:32 UTC 2019


On 19.09.19 18:57, Jorge Martins wrote:
>I was running like this: clamdscan /home/ --infected --multiscan --fdpass
>
>After some testing I noticed that if I remove the --fdpass the filepath is
>correctly logged
>
>Thu Sep 19 18:27:22 2019 -> /home/test/eicar.txt:
>Eicar-Test-Signature(69630e4574ec6798239b091cda43dca0:69) FOUND
>
>I really don't understand why; even reading the description of --fdpass,
>to me it doesn't seem to indicate that the filepath will not be logged. Could
>it be a bug, or is it expected?

I would expect that. fdpass means that not the file path, but the file
content is provided to clamd via the file descriptor passing mechanism.
Clamd does not know what the real file path is, so it can't log the file
name.
clamdscan should provide the file name in this case.

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Nothing is fool-proof to a talented fool.
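
The mechanism described in the reply above, as an added example that is not part of the original message and is not ClamAV code: a client hands an open descriptor to a receiver over a Unix socket with SCM_RIGHTS, and the receiver can read the content but is never given a path. The function names, the `fd[N]` label and the marker string are assumptions made for this sketch; it needs a POSIX system.

```python
import array
import os
import socket

def send_fd(sock, fd):
    # Client side: the descriptor travels as SCM_RIGHTS ancillary data.
    # The one-byte payload is a placeholder; no path is put on the wire.
    fds = array.array("i", [fd])
    sock.sendmsg([b"F"], [(socket.SOL_SOCKET, socket.SCM_RIGHTS, fds)])

def recv_fd(sock):
    # Daemon side: the kernel installs a new descriptor in this process.
    size = array.array("i").itemsize
    payload, ancdata, _flags, _addr = sock.recvmsg(1, socket.CMSG_LEN(size))
    for level, ctype, data in ancdata:
        if level == socket.SOL_SOCKET and ctype == socket.SCM_RIGHTS:
            fds = array.array("i")
            fds.frombytes(data[:size])
            return payload, fds[0]
    raise RuntimeError("no descriptor received")

def daemon_scan(sock, marker):
    payload, fd = recv_fd(sock)
    with os.fdopen(fd, "rb") as handle:
        verdict = "FOUND" if marker in handle.read() else "OK"
    # The descriptor number is the only name the receiver was given.
    return "fd[%d]: %s" % (fd, verdict), payload

def client_scan(path, marker=b"CONSTRUCTED-TEST-MARKER"):
    client, daemon = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    with client, daemon:
        fd = os.open(path, os.O_RDONLY)
        try:
            send_fd(client, fd)
        finally:
            os.close(fd)  # the in-flight copy stays valid after this close
        daemon_line, wire = daemon_scan(daemon, marker)
    # Only the client can pair the verdict with the path it opened.
    client_line = "%s: %s" % (path, daemon_line.split(": ", 1)[1])
    return daemon_line, client_line, wire
```

`client_scan` returns the line the receiving side can produce, the line the sending side can produce, and the bytes that actually crossed the socket, so the three can be compared directly.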


