Hi all,
I have installed the version 1.4.0 sanitizer and passed all the testcases.
However, I found problem when I set up a policy to scan the "executable
files" as follows:
file_list_1 = (?i)\.(com|exe|cmd|bat|lnk|pif)$
file_list_1_policy = accept:save:save
file_list_1_scanner = 0:2,3:/usr/local/bin/sweep.sh %FILENAME
where the /usr/local/bin/sweep.sh (enclosed below) is a script calling the
sophos virus scanner "sweep". It turned out that the a test mail message
attaching a sample virus pattern file "EICAR.COM" was not caught by sweep
and got sending (accept). However, the script worked just fine when
running on a command line with EICAR.COM as the argument (i.e., return 3
on exit). I wondered what I have missed.
Thanks,
KC Chang Tel: +852 2859 7972
Computer Officer Fax: +852 2559 7904
Computer Centre, HKU Email: 17393@xyz.molar.is
== sweep.sh ==
#!/bin/ksh
[ "$1" = "" ] && exit 21
[ -f "$1" ] || exit 20
exec /usr/local/bin/sweep -nb -f -all -rec -ss -sc -archive $1 2>&1 >/dev/null