Manualshelf

Installation manual

ManualsBrandsESET ManualsPrint & ScanGATEWAY SECURITY - FOR LINUX BSD AND SOLARIS
11121314151617181920
14
7. Important ESET File Security mechanisms
7.1 Handle Object Policy
The Handle Object Policy (see figure 6-1) mechanism provides filtering for scanned objects based on their status. This
functionality is based on the following configuration options:
action_av
action_av_infected
action_av_notscanned
action_av_deleted
For detailed information on these options, please refer to the esets.cfg(5) man page.
Figure 6-1. Scheme of Handle Object Policy mechanism.
Every processed object is first handled according to the configuration of the ‘action_av option. If this option is set to ‘accept’ (or
‘defer, discard’, ‘reject) the object is accepted (or deferred, discarded, rejected). If the option is set to scan the object is scanned
for virus infiltrations, and if the av_clean_mode’ option is set to ‘yes, the object is also cleaned. In addition, the configuration
options ‘action_av_infected’, ‘action_av_notscanned’ and ‘action_av_deleted’ are taken into account to further evaluate object
handling. If an ‘accept’ action has been taken as a result of these three action options, the object is accepted. Otherwise, the
object is blocked.
7.2 User Specific Configuration
The purpose of the User Specific Configuration mechanism is to provide a higher degree of customization and functionality. It
allows the system administrator to define ESETS antivirus scanner parameters based on the user who is accessing file system
objects.
A detailed description of this functionality can be found in the esets.cfg(5) man page. In this section we will provide only a short
example of a user-specific configuration.
In this example, the goal is to use the esets_dac module to control the ON_OPEN and ON_EXEC access events for an external disc
mounted under the /home directory. The module can be configured in the [dac] section of the ESETS configuration file. See below:
[dac]
agent_enabled = yes
event_mask = "open"
ctl_incl = "/home"
action_av = "scan"
To specify scan settings for an individual user, the ‘user_config parameter must specify the special configuration filename where
the individual scanning rules will be stored. In the example shown here, the special configuration file is called
‘esets_dac_spec.cfg and is located within the ESETS configuration directory (This directory is based on your operating system.
Please see Terminology and abbreviations page).