[Bug 151826] New: silently letting viruses through in case clamd is not (yet) running
Olivier Vitrat
ovit.debian at gmail.com
Sat Nov 3 21:31:01 GMT 2007
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
http://bugs.kde.org/show_bug.cgi?id=151826
Summary: silently letting viruses through in case clamd is not
(yet) running
Product: kmail
Version: unspecified
Platform: Debian testing
OS/Version: Linux
Status: UNCONFIRMED
Severity: normal
Priority: NOR
Component: general
AssignedTo: kdepim-bugs kde org
ReportedBy: ovit.debian gmail com
Version: (using KDE KDE 3.5.5)
Installed from: Debian testing/unstable Packages
Reported in Debian BTS at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435325
Package: kmail
Version: 3.5.5.dfsg.1-6
Severity: important
package clamav-daemon in version 0.90.1-3etch4 contains program "clamdscan"
package kmail contains program kmail_clamav.sh
if you configure kmail to scan incoming email for viruses, it automatically
adds filter rules for clamav by using the kmail_clamav.sh script.
when clamd is starting, it takes about 3 minutes until it is running.
so when a typical user starts his computer, loggs in to KDE, starts kmail,
receives email, then all viruses silently pass through because
kmail_clamav.sh just sais X-Virus-Flag: No in case clamdscan fails. and
clamdscan fails in case clamd is not yet running. clamd is not yet running
because it takes 3 minutes on each first start.
i think it is a fundamental problem with kmail filter scripts that they cannot
report errors. if you add output to stderr in a kmail filter script and then
return a error code, if you check the filter log in kmail, you see that the
filter failed. but if you do not check the log, the filter just silently
fails.
but it also is not a solution to change kmail_clamav.sh so that if anything
fails it always adds X-Virus-Flag: Yes.
maybe kmail_clamav.sh should add a big header to the email saying that the
virus check failed and it is unsure if this email contains a virus or not.
but the current behaviour of just silently passing unchecked data is not
really good...
thx
cya
erik
More information about the Kdepim-bugs
mailing list