[OS X TeX] OT: effective Macintosh Trojan in the wild
Bernhard Barkow
bb at creativeeyes.at
Sun May 8 11:13:35 EDT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 8. Mai 2005, at 16:46, Maarten Sneep wrote:
>>>> When installing, ClamXav creates a clamav group and a clamav
>>>> user, visible under NetInfo Manager and used (according to the
>>>> doc) for retrieving updates. Is that what you mean?
>>>>
>>>
>>> No, the clamav user is there on my system, even though I've never
>>> installed clamXav.
>>>
>>
>> Then I imagine you've got Tiger Server, which includes clamav
>>
>
> [looks at bill:] No, that isn't server, just a clean install of
> Tiger client. [looks again at 'about this mac':] "Mac OS X, version
> 10.4 (no mention of server there) [click] build 8A428.
>
> Note that I did wipe my drive before instaling, and that I
> formatted as Case sensitive HFS+. Maybe that triggered some things,
> but I find that hard to believe.
I too wiped my drive and formatted it as HFS+; in Tiger (Client), the
clamav user exists, but ClamAV is not installed on the system; as I
said before, I assume it's just a leftover from Tiger Server. ClamAV
only makes sense unless you either use the system as a mail server
(i.e. to have ClamAV work at server level, which is the intention of
the clamav user configured by Apple), or use it as on-demand scanner
(also for scanning incoming mails, for example with the AppleScript I
adapted (http://www.creativeeyes.at/tools/clamav.php)).
If you don't use ClamAV, I guess it can't do any harm to delete the
user with the Netinfo Utility; of course, it will probably do even
less harm to just leave the clamav user as it is...
Bernhard
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
iD8DBQFCfiyjqJ8JxFkhAg0RAs/lAKCgaAl8wYUoX5uMD2iM9Dkg4LB4/wCgxspV
ayWXZb3/TNrI1O4b05urvmA=
=jo1b
-----END PGP SIGNATURE-----
--------------------- Info ---------------------
Mac-TeX Website: http://www.esm.psu.edu/mac-tex/
& FAQ: http://latex.yauh.de/faq/
TeX FAQ: http://www.tex.ac.uk/faq
List Post: <mailto:MacOSX-TeX at email.esm.psu.edu>
More information about the MacOSX-TeX
mailing list