anomy-list

Use of Sophos sweep not working

From: Chang Kai Cheong (17393@xyz.molar.is)
Date: Sun 12 Aug 2001 - 10:05:41 UTC

  • Next message: alex morris: "Re: Use of Sophos sweep not working"

    Hi all,

    I have installed the version 1.4.0 sanitizer and passed all the testcases.
    However, I found problem when I set up a policy to scan the "executable
    files" as follows:

    file_list_1 = (?i)\.(com|exe|cmd|bat|lnk|pif)$
    file_list_1_policy = accept:save:save
    file_list_1_scanner = 0:2,3:/usr/local/bin/sweep.sh %FILENAME

    where the /usr/local/bin/sweep.sh (enclosed below) is a script calling the
    sophos virus scanner "sweep". It turned out that the a test mail message
    attaching a sample virus pattern file "EICAR.COM" was not caught by sweep
    and got sending (accept). However, the script worked just fine when
    running on a command line with EICAR.COM as the argument (i.e., return 3
    on exit). I wondered what I have missed.

    Thanks,
    KC Chang Tel: +852 2859 7972
    Computer Officer Fax: +852 2559 7904
    Computer Centre, HKU Email: 17393@xyz.molar.is

    == sweep.sh ==
    #!/bin/ksh
    [ "$1" = "" ] && exit 21
    [ -f "$1" ] || exit 20
    exec /usr/local/bin/sweep -nb -f -all -rec -ss -sc -archive $1 2>&1 >/dev/null



    hosted by molar.is