Sanitizer + Sophos question

From: Corey Appleby (
Date: Fri 15 Nov 2002 - 03:25:03 GMT

  • Next message: Peter Williams: "RE: Sanitizer + Sophos question"


    I'm running the Sanitizer with Sophos' virus scanner. The scanner is
    working, and the sanitizer is working, but I can't get them to work
    together. Here's my setup:

    My sanitizer.rc file calls a wrapper script for sweep.

    file_list_3_scanner = 0:20:24:/usr/local/bin/ %FILENAME
    file_list_3_policy = accept:accept:drop:save
    file_list_3 = (?i)\.(com)$

    here's the contents of that wrapper.

    [ "$1" = "" ] && exit 21
    [ -f "$1" ] || exit 22
    exec /usr/local/bin/sweep -di -eec -nc -p=/var/log/sophos_sweep.log $1
    2>/dev/null > /dev/null

    But when I send myself a .com file, Sanitizer does whatever the default
    policy is for that rule (in this case it saves it) Here's the
    SANITIZER-LOG output:

       Part (pos="962"):
         SanitizeFile (filename="", mimetype="TEXT/PLAIN"):
           Match (rule="3"):
             ScanFile (file="/var/spool/quarantine/"):
               Unknown exit code: 9216

             Enforced policy: save

    Obviously that exit code isn't what I should be getting. Sophos sweep
    should return one of the codes I have listed. Anyone have any idea why
    I'm getting that code? I modeled my wrapper script on the
    script in the Sanitizer "real world configuration" example on Anomy's

    Any help would be greatly appriciated.


    hosted by