From 7db7fe89692e4be2802788c678e1b7f38cf5c36d Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Sat, 20 Nov 2004 05:59:45 +0000 Subject: Added the sample virus_action.sh script to the distribution --- scripts/virus_action.sh | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 scripts/virus_action.sh (limited to 'scripts') diff --git a/scripts/virus_action.sh b/scripts/virus_action.sh new file mode 100644 index 0000000..b41f993 --- /dev/null +++ b/scripts/virus_action.sh @@ -0,0 +1,48 @@ +#!/bin/sh + +# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +# WARNING WARNING WARNING WARNING WARNING WARNING WARNING +# +# By using variables passed in from clamsmtpd in file +# manipulation commands without escaping their contents +# you are opening yourself up to REMOTE COMPROMISE. You +# have been warned. Do NOT do the following unless you +# want to be screwed big time: +# +# mv $EMAIL "$SENDER.eml" +# +# An attacker can use the above command to compromise your +# computer. The only variable that is guaranteed safe in +# this regard is $EMAIL. +# +# The following script does not escape its variables +# because it only uses them in safe ways. +# +# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + +# A sample script for virus actions. When testing make sure +# everything can run as the clamav (or relevant) user. + +file="/path/to/virus.log" +dir="/path/to/quarantine/" + +exec 1>>$file +exec 2>>$file + + +# Add some fun log lines to the log file + +echo "-------------------------------------------------------" +echo Sender $SENDER +echo Recipients $RECIPIENTS +echo Virus $VIRUS +echo "-------------------------------------------------------" + + +# Move the virus file to another directory +# This only works if Quarantine is enabled + +if [ -n "$EMAIL" ]; then + mv "$EMAIL" "$dir" +fi + -- cgit v1.2.3