On Fri, 18 Oct 2019, Ian via clamav-users wrote:
On Oct 18, 2019, at 10:10 AM, G.W. Haywood via clamav-users <clamav-users@lists.clamav.net> wrote:
On Fri, 18 Oct 2019, Ian via clamav-users wrote:
Government regulations require that I scan the entire filesystem daily --
Which government is this, and which regulations?
https://nvd.nist.gov/800-53/Rev4/control/RA-5
I don't see where that document requires what you say it requires.
These controls relate to each other -- this one is more on point:
Malicious Code Protection
but it ties in with others like the one I cited before, and these:
Continuous Monitoring
Security Assessment and Authorization
All of these are /part/ of Fedramp. Fedramp is not the only government regulation I have to deal with.
It was determined that we needed to do daily scans by auditors
familiar with these regulations. Please don’t blame the victim.
Did these auditors recommend anti-virus scanning, or perhaps ClamAV?
This line of questioning is completely off-topic and unhelpful. Even if it was the case that somehow I don't need to scan the /tmp folder due to government regulations, scanning temp folders is not an unreasonable request. These are actual files on a file system that could very much contain malware.
Are you going to address why 'clamscan --tempdir /tmp /tmp' doesn't produce the same behavior, that 'clamdscan /tmp' does?