Quoting Andreas Wagner <A.Wagner@stud.uni-frankfurt.de>:
finally I got round to installing Dazuko (and my first self-compiled kernel in the process) on my SuSE 8.0 box. Now I am trying to make up my mind what to do with it. As Virus Scanners, I have Sophos, Antivir f. Workstation, ClamAV and F-Prot (triggered mostly by amavisd-new). At least ClamAV and Antivir should be able to make use of Dazuko. However, it seems that Dazuko only allows root to interact with it and this would mean I would no longer be able to run clamd as a less-privileged user.
Did I understand this right? If so, what are the respective drawbacks and advantages of running clamd as root or not using dazuko after all?
Also, what do you think whether it would cause problems to have both Antivir and clamd trying to use Dazuko?
It all depends on what you are trying to accomplish. As I understand it, dazuko bascially allows virus scanners to act like they do in Windows, scanning files as they are opened and whatnot. Considering how rare actual linux viruses are, in fact, I don't think I've ever even heard of a file-infecting style virus (as opposed to worms or trojans) for linux. There does not seem to be much point in running dazuko at this time. Certainly not worth the effort involved, in my humble opinion. If you're using the virus scanner on your e-mail, through amavis, dazuko is superfluous. Amavis calls the virus scanner by itself. What is your goal? What are you trying to accomplish in what type of environment? Depending on your environment, running clamd as root may not be much of a security risk, as long as you make certain that it is only listening to localhost and/or host-firewalled off.