File Permissions and Privileges

To scan objects of the file system and neutralize threats, Dr.Web for UNIX Mail Servers (or rather the user under whom it runs) requires the following permissions:

Action

Required rights

Listing all detected threats

Unrestricted. No special permission required

List archive contents

(display only corrupted or malicious elements)

Unrestricted. No special permission required

Moving to quarantine

Unrestricted. The user can quarantine all infected files regardless of read or write permissions on them

Deleting threats

The user needs to have write permissions for the file that is being deleted.

If threat is detected in a file located in a container (an archive, email message, and so on), its removal is replaced with moving of a container to quarantine.

Curing

Unrestricted. The access permissions and owner of a cured file remain the same after curing.

The file can be removed if deletion can cure the detected threat.

Restoring a file from quarantine

The user should have permissions to read the file and to write to the restore directory

Deleting a file from quarantine

The user must possess write permissions to the file that was moved to quarantine

To enable operation of the command-line management Dr.Web Ctl tool with superuser (root) privileges, you can use the su command, which allows to change the user, or the sudo command, which allows you to execute a command as another user.

The Dr.Web Scanning Engine scan engine cannot scan file which size exceeds 4 GB (on attempt to scan such files, the following error message displays: “File is too large”).