... | ... |
@@ -807,6 +807,7 @@ onas_fan_checkowner (int pid, const struct optstruct *opts) |
807 | 807 |
{ |
808 | 808 |
char path[32]; |
809 | 809 |
STATBUF sb; |
810 |
+ int num_arg; |
|
810 | 811 |
const struct optstruct *opt; |
811 | 812 |
|
812 | 813 |
if (pid == (int) getpid()) { |
... | ... |
@@ -821,7 +822,9 @@ onas_fan_checkowner (int pid, const struct optstruct *opts) |
821 | 821 |
{ |
822 | 822 |
while (opt) |
823 | 823 |
{ |
824 |
- if (opt->numarg == (long long) sb.st_uid) |
|
824 |
+ /* We use UID 0 in place of -1 because the option would be disabled for UID 0*/ |
|
825 |
+ (opt->numarg == -1) ? (num_arg = 0) : (num_arg = opt->numarg); |
|
826 |
+ if (num_arg == (long long) sb.st_uid) |
|
825 | 827 |
return 1; |
826 | 828 |
opt = opt->nextarg; |
827 | 829 |
} |
... | ... |
@@ -610,10 +610,11 @@ Example |
610 | 610 |
#OnAccessExcludePath /home/bofh |
611 | 611 |
|
612 | 612 |
# With this option you can whitelist specific UIDs. Processes with these UIDs |
613 |
-# will be able to access all files. |
|
613 |
+# will be able to access all files. For UID 0 please use a value of -1 since |
|
614 |
+# a value of 0 will disable this option. |
|
614 | 615 |
# This option can be used multiple times (one per line). |
615 | 616 |
# Default: disabled |
616 |
-#OnAccessExcludeUID 0 |
|
617 |
+#OnAccessExcludeUID -1 |
|
617 | 618 |
|
618 | 619 |
# Toggles dynamic directory determination. Allows for recursively watching include paths. |
619 | 620 |
# (On-access scan only) |
... | ... |
@@ -404,7 +404,7 @@ const struct clam_option __clam_options[] = { |
404 | 404 |
|
405 | 405 |
{ "OnAccessExcludePath", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, FLAG_MULTIPLE, OPT_CLAMD, "This option allows excluding directories from on-access scanning. It can\nbe used multiple times. Only works with DDD system.", "/home/bofh\n/root" }, |
406 | 406 |
|
407 |
- { "OnAccessExcludeUID", NULL, 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, -1, NULL, FLAG_MULTIPLE, OPT_CLAMD, "With this option you can whitelist specific UIDs. Processes with these UIDs\nwill be able to access all files.\nThis option can be used multiple times (one per line).", "0" }, |
|
407 |
+ { "OnAccessExcludeUID", NULL, 0, CLOPT_TYPE_NUMBER, NULL, -1, NULL, FLAG_MULTIPLE, OPT_CLAMD, "With this option you can whitelist specific UIDs. Processes with these UIDs\nwill be able to access all files.\nThis option can be used multiple times (one per line). For a UID of 0 please use the value -1 instead, since 0 will disable this option.", "0" }, |
|
408 | 408 |
|
409 | 409 |
{ "OnAccessMaxFileSize", NULL, 0, CLOPT_TYPE_SIZE, MATCH_SIZE, 5242880, NULL, 0, OPT_CLAMD, "Files larger than this value will not be scanned in on access.", "5M" }, |
410 | 410 |
|