... | ... |
@@ -146,7 +146,7 @@ void *onas_fan_th(void *arg) |
146 | 146 |
return NULL; |
147 | 147 |
} |
148 | 148 |
|
149 |
- if (!optget(tharg->opts, "OnAccessNotifyOnly")->enabled && !optget(tharg->opts, "OnAccessMountPath")->enabled) { |
|
149 |
+ if (optget(tharg->opts, "OnAccessPrevention")->enabled && !optget(tharg->opts, "OnAccessMountPath")->enabled) { |
|
150 | 150 |
logg("ScanOnAccess: preventing access attempts on malicious files.\n"); |
151 | 151 |
fan_mask |= FAN_ACCESS_PERM | FAN_OPEN_PERM; |
152 | 152 |
} else { |
... | ... |
@@ -593,11 +593,11 @@ Example |
593 | 593 |
#OnAccessDisableDDD yes |
594 | 594 |
|
595 | 595 |
# Modifies fanotify blocking behaviour when handling permission events. |
596 |
-# If turned on, fanotify will only notify if the file scanned is a virus, |
|
596 |
+# If off, fanotify will only notify if the file scanned is a virus, |
|
597 | 597 |
# and not perform any blocking. |
598 | 598 |
# (On-access scan only) |
599 | 599 |
# Default: no |
600 |
-#OnAccessNotifyOnly yes |
|
600 |
+#OnAccessPrevention yes |
|
601 | 601 |
|
602 | 602 |
## |
603 | 603 |
## Bytecode |
... | ... |
@@ -405,7 +405,7 @@ const struct clam_option __clam_options[] = { |
405 | 405 |
|
406 | 406 |
{ "OnAccessDisableDDD", "disable-ddd", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD, "This option toggles the dynamic directory determination system for on-access scanning (Linux only).", "no" }, |
407 | 407 |
|
408 |
- { "OnAccessNotifyOnly", "notify-only", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD, "This option changes fanotify behavior to not prevent access attempts on malicious files and simply notify the user instead (On Access scan only).", "no" }, |
|
408 |
+ { "OnAccessPrevention", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD, "This option changes fanotify behavior to prevent access attempts on malicious files instead of simply notifying the user (On Access scan only).", "yes" }, |
|
409 | 409 |
|
410 | 410 |
/* FIXME: mark these as private and don't output into clamd.conf/man */ |
411 | 411 |
{ "DevACOnly", "dev-ac-only", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, FLAG_HIDDEN, OPT_CLAMD | OPT_CLAMSCAN, "", "" }, |