22
ESET File Security
6.1. Handle Object Policy
The Handle Object Policy (see figure 6-1) mechanism provides filtering of scanned objects
based on their status. This functionality is based on the following configuration options: ‘action_
av‘, ‘action_av_infected‘, ‘action_av_notscanned‘, ‘action_av_deleted‘. For detailed information on
these options, please refer to the esets.cfg(5) man page.
Figure 6-1. Scheme of Handle Object Policy mechanism.
Every object processed is first handled according to the configuration of the ‘action_av‘
option. If this option is set to ‘accept‘ (or ‘defer‘, ‘discard‘, ‘reject‘) the object is accepted (or deferred,
discarded, rejected). If the option is set to ‘scan‘ the object is scanned for virus infiltrations, and if
the ‘av_clean_mode‘ option is set to 'yes', the object is also cleaned. In addition, the configuration
options ‘action_av_infected‘, ‘action_av_notscanned‘ and ‘action_av_deleted‘ are taken into
account to further evaluate handling of the object. If an ‘accept‘ action has been taken as a result
of these three action options, the object is accepted. Otherwise, the object is blocked.
6.2. User Specific Configuration
The purpose of the User Specific Configuration mechanism is to provide a higher degree
of customization and functionality. It allows the sytem administrator to define
ESETS
antivirus
scanner parameters based on the user who is accessing file system objects.
A detailed description of this functionality can be found in the esets.cfg(5) man page; in this
section we will provide only a short example of a user-specific configuration.
In this example, the goal is to use the
esets_dac
module to control the ON_OPEN and ON_
EXEC access events for an external disc mounted under the
”/home”
directory. The module can
be configured in the [dac] section of the ESETS configuration file. See below:
[dac]
agent_enabled = yes
event_mask = ”open”
ctl_incl = ”/home”
action_av = ”scan”
To specify scan settings for an individual user, the ‘user_config’ parameter must specify the
accept
defer, discard, reject
action_av
object not accepted
accept
defer, discard, reject
action_av_infected
action_av_notscanned
action_av_deleted
object not accepted
object accepted
scan
Содержание FILE SECURITY
Страница 1: ...ESET File Security Installation Manual and User Guide we protect digital worlds...
Страница 3: ...Chapter 1 Introduction...
Страница 5: ...Chapter 2 Terminology and abbreviations...
Страница 8: ......
Страница 9: ...Chapter 3 Installation...
Страница 11: ...Chapter 4 Architecture Overview...
Страница 14: ......
Страница 15: ...Chapter 5 Integration with File System services...
Страница 20: ......
Страница 21: ...Chapter 6 Important ESET File Security mechanisms...
Страница 25: ...Chapter 7 ESET Security system update...
Страница 28: ......
Страница 29: ...Chapter 8 Let us know...
Страница 31: ...Appendix A PHP License...