pdp 2010/06/14 19:51:10 BST
Modified files:
exim-doc/doc-docbook spec.xfpt
exim-doc/doc-txt NewStuff
Log:
Clarify that the ACL framework is not invoked for -bmalware, so that using
ACL variables in av_scanner blindly will not work.
Revision Changes Path
1.88 +9 -6 exim/exim-doc/doc-docbook/spec.xfpt
1.176 +2 -0 exim/exim-doc/doc-txt/NewStuff
Index: spec.xfpt
===================================================================
RCS file: /home/cvs/exim/exim-doc/doc-docbook/spec.xfpt,v
retrieving revision 1.87
retrieving revision 1.88
diff -u -r1.87 -r1.88
--- spec.xfpt 12 Jun 2010 15:21:25 -0000 1.87
+++ spec.xfpt 14 Jun 2010 18:51:09 -0000 1.88
@@ -1,4 +1,4 @@
-. $Cambridge: exim/exim-doc/doc-docbook/spec.xfpt,v 1.87 2010/06/12 15:21:25 jetmore Exp $
+. $Cambridge: exim/exim-doc/doc-docbook/spec.xfpt,v 1.88 2010/06/14 18:51:09 pdp Exp $
.
. /////////////////////////////////////////////////////////////////////////////
. This is the primary source of the Exim Manual. It is an xfpt document that is
@@ -3184,12 +3184,15 @@
.cindex "testing", "malware"
.cindex "malware scan test"
This debugging option causes Exim to scan the given file,
-using the malware scanning framework. The option of av_scanner influences
-this option, so if av_scanner's value is dependent upon an expansion then
-the expansion should have defaults which apply to this invocation. Exim will
-have changed working directory before resolving the filename, so using fully
-qualified pathnames is advisable. Exim will be running as the Exim user
-when it tries to open the file, rather than as the invoking user.
+using the malware scanning framework. The option of &%av_scanner%& influences
+this option, so if &%av_scanner%&'s value is dependent upon an expansion then
+the expansion should have defaults which apply to this invocation. ACLs are
+not invoked, so if &%av_scanner%& references an ACL variable then that variable
+will never be populated and &%-bmalware%& will fail.
+
+Exim will have changed working directory before resolving the filename, so
+using fully qualified pathnames is advisable. Exim will be running as the Exim
+user when it tries to open the file, rather than as the invoking user.
This option requires admin privileges.
The &%-bmalware%& option will not be extended to be more generally useful,
Index: NewStuff
===================================================================
RCS file: /home/cvs/exim/exim-doc/doc-txt/NewStuff,v
retrieving revision 1.175
retrieving revision 1.176
diff -u -r1.175 -r1.176
--- NewStuff 12 Jun 2010 15:21:25 -0000 1.175
+++ NewStuff 14 Jun 2010 18:51:10 -0000 1.176
@@ -1,4 +1,4 @@
-$Cambridge: exim/exim-doc/doc-txt/NewStuff,v 1.175 2010/06/12 15:21:25 jetmore Exp $
+$Cambridge: exim/exim-doc/doc-txt/NewStuff,v 1.176 2010/06/14 18:51:10 pdp Exp $
New Features in Exim
--------------------
@@ -42,6 +42,8 @@
takes one parameter, a filename, and scans that file with Exim's
malware-scanning framework. This is intended purely as a debugging aid
to ensure that Exim's scanning is working, not to replace other tools.
+ Note that the ACL framework is not invoked, so if av_scanner references
+ ACL variables without a fallback then this will fail.
5. There is a new expansion operator, "reverse_ip", which will reverse IP
addresses; IPv4 into dotted quad, IPv6 into dotted nibble. Examples:
