Important Eset File Security Mechanisms; Handle Object Policy; User Specific Configuration - ESET FILE SECURITY - FOR LINUX BSD AND SOLARIS Installation Manual

6. Important ESET File Security mechanisms

6.1 Handle Object Policy

The Handle Object Policy (see figure 6-1) mechanism provides filtering of scanned objects based on their status. This
functionality is based on the following configuration options:
action_av
action_av_infected
action_av_notscanned
action_av_deleted
For detailed information on these options, please refer to the esets.cfg (5 ) man page.
Figure 6-1. Scheme of Handle Object Policy mechanism.
Every object processed is first handled according to the configuration of the 'a ction_a v' option. If this option is set to 'a ccept'
(or 'defer' , 'disca rd' , 'reject' ) the object is accepted (or deferred, discarded, rejected). If the option is set to 'sca n' the object is
scanned for virus infiltrations, and if the 'a v_clea n_mode ' option is set to 'yes ', the object is also cleaned. In addition, the
configuration options 'a ction_a v_infected ', 'a ction_a v_notsca nned ' and 'a ction_a v_deleted ' are taken into account to further
evaluate handling of the object. If an 'a ccept' action has been taken as a result of these three action options, the object is
accepted. Otherwise, the object is blocked.

6.2 User Specific Configuration

The purpose of the User Specific Configuration mechanism is to provide a higher degree of customization and functionality. It
allows the sytem administrator to define ESETS antivirus scanner parameters based on the user who is accessing file system
objects.
A detailed description of this functionality can be found in the esets.cfg (5 ) man page; in this section we will provide only a
short example of a user-specific configuration.
In this example, the goal is to use the esets_da c module to control the ON_OPEN and ON_EXEC access events for an external
disc mounted under the /home directory. The module can be configured in the [da c] section of the ESETS configuration file. See
below:
[dac]
agent_enabled = yes
event_mask = "open"
ctl_incl = "/home"
action_av = "scan"
To specify scan settings for an individual user, the 'user_config ' parameter must specify the special configuration filename
where the individual scanning rules will be stored. In the example shown here, the special configuration file is called
'esets_da c_spec.cfg ' and is located within the ESETS configuration directory (This directory is based on your operating system.
Please see Terminology and abbreviations page).
13