summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStef Walter <stef@memberwebs.com>2004-11-20 05:59:45 +0000
committerStef Walter <stef@memberwebs.com>2004-11-20 05:59:45 +0000
commit7db7fe89692e4be2802788c678e1b7f38cf5c36d (patch)
tree227a77b6f7c3f36dd7e52b456b69151db90bd1a9
parent263b752d211d211f39a094f69e39d29c33ca70b9 (diff)
Added the sample virus_action.sh script to the distribution
-rw-r--r--ChangeLog4
-rw-r--r--scripts/virus_action.sh48
2 files changed, 52 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 2294431..a112f3e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+1.2 ????
+
+ - Added the sample virus_action.sh script to the distribution
+
1.1 [2004-10-30]
- Added CLIENT and SERVER variables to VirusAction script environment.
- Even better logging for network errors.
diff --git a/scripts/virus_action.sh b/scripts/virus_action.sh
new file mode 100644
index 0000000..b41f993
--- /dev/null
+++ b/scripts/virus_action.sh
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+# WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+#
+# By using variables passed in from clamsmtpd in file
+# manipulation commands without escaping their contents
+# you are opening yourself up to REMOTE COMPROMISE. You
+# have been warned. Do NOT do the following unless you
+# want to be screwed big time:
+#
+# mv $EMAIL "$SENDER.eml"
+#
+# An attacker can use the above command to compromise your
+# computer. The only variable that is guaranteed safe in
+# this regard is $EMAIL.
+#
+# The following script does not escape its variables
+# because it only uses them in safe ways.
+#
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+# A sample script for virus actions. When testing make sure
+# everything can run as the clamav (or relevant) user.
+
+file="/path/to/virus.log"
+dir="/path/to/quarantine/"
+
+exec 1>>$file
+exec 2>>$file
+
+
+# Add some fun log lines to the log file
+
+echo "-------------------------------------------------------"
+echo Sender $SENDER
+echo Recipients $RECIPIENTS
+echo Virus $VIRUS
+echo "-------------------------------------------------------"
+
+
+# Move the virus file to another directory
+# This only works if Quarantine is enabled
+
+if [ -n "$EMAIL" ]; then
+ mv "$EMAIL" "$dir"
+fi
+