| 1 |
On 12/03/2011 08:57 PM, Grant wrote: |
| 2 |
>>> Very cool. I found out clamscan and avgfree scan the filesystem so I |
| 3 |
>>> thought I should set it up, but if it's not necessary I won't bother. |
| 4 |
>>> All of my mail users are on Gentoo so do I need to bother having |
| 5 |
>>> clamav scan my incoming mail? |
| 6 |
>> |
| 7 |
>> |
| 8 |
>> Well, they aren't going to get infected with anything, but ClamAV could |
| 9 |
>> still keep the virus message (which is obviously unwanted) out of their |
| 10 |
>> inbox. There are also some third-party signatures[1] for ClamAV that catch |
| 11 |
>> scam/phishing mail. |
| 12 |
> |
| 13 |
> There is info on Linux viruses here: |
| 14 |
> |
| 15 |
> http://en.wikipedia.org/wiki/Linux_malware |
| 16 |
> |
| 17 |
> I shouldn't be concerned about that? |
| 18 |
> |
| 19 |
|
| 20 |
The "big" risk (although still negligible) is that someone will mail |
| 21 |
your users an executable that does something bad. But, you would have to |
| 22 |
save it under /home, chmod +x it, and then run it manually for it to be |
| 23 |
dangerous. |
| 24 |
|
| 25 |
If you use portage to install packages, you should not ever need to |
| 26 |
chmod +x anything. It's a big red flag and normal users don't even need |
| 27 |
to know how to do it. |
| 28 |
|
| 29 |
Mount /home noexec for extra safety. |
| 30 |
|
| 31 |
Note that antivirus wouldn't help anyway if your users are going to do |
| 32 |
whatever the email says without question =) |
Archives