You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
40 lines
1.5 KiB
40 lines
1.5 KiB
From 5235a5e518a1b17f50eb0f56c088f3808d939626 Mon Sep 17 00:00:00 2001
|
|
From: Michael Orlitzky <michael@orlitzky.com>
|
|
Date: Tue, 4 Feb 2020 19:34:56 -0500
|
|
Subject: [PATCH 1/1] clamav-unofficial-sigs.sh: disable running as root.
|
|
|
|
The only way I'm going to let this be installed on my machine is if
|
|
it never runs as root. The shit that it does is insane (a priori)
|
|
and also implemented insecurely. There's no good reason to run the
|
|
script as root on Gentoo anyway. A cron job is provided for you,
|
|
or you can use "su -s /bin/bash -c ... clamav" to run it as the
|
|
clamav user.
|
|
---
|
|
clamav-unofficial-sigs.sh | 10 ++++++++++
|
|
1 file changed, 10 insertions(+)
|
|
|
|
diff --git a/clamav-unofficial-sigs.sh b/clamav-unofficial-sigs.sh
|
|
index aa70db1..60d305b 100644
|
|
--- a/clamav-unofficial-sigs.sh
|
|
+++ b/clamav-unofficial-sigs.sh
|
|
@@ -3,6 +3,16 @@
|
|
# shellcheck disable=SC2120
|
|
# shellcheck disable=SC2128
|
|
# shellcheck disable=SC2154
|
|
+
|
|
+if [[ ${EUID} -eq 0 ]]; then
|
|
+ exec 1>&2
|
|
+ echo "This script has been patched by the Gentoo maintainer to disable"
|
|
+ echo "running it as root (effective UID 0). When run as root, the script"
|
|
+ echo "performs a number of operations insecurely. You should never need"
|
|
+ echo "to run this as root on Gentoo in the first place."
|
|
+ exit 1;
|
|
+fi
|
|
+
|
|
################################################################################
|
|
# This is property of eXtremeSHOK.com
|
|
# You are free to use, modify and distribute, however you may not remove this notice.
|
|
--
|
|
2.24.1
|
|
|