The dansguardian-dgav package provides a false sense of security. It blocks content on first request, but allows it on refresh. If I'm not the only person for whom this happens, I _highly_ recommend hard-masking dansguardian-dgav, because cursory testing makes it look like it offers proection that it doesn't really offer. I'm using oops as a proxy server, between dansguardian and the Internet. I don't think proxy selection makes a difference to this, given the design of dansguardian. Reproducible: Always Steps to Reproduce: 1. Install clamav, oops/squid and dansguardian-dgav. 2. Edit dansguardian.conf to point to the clamd socket. 3. Configure your firewall to transparent proxy to dansguardian. 4. Fetch http://www.eicar.org/download/eicar.com.txt through the transparent proxy. 5. When you get "Access denied", force a browser refresh. Actual Results: When I first access the Eicar test virus (http://en.wikipedia.org/wiki/Eicar_test_file), I get "Access denied" as expected. If I force refresh with my browser, I get the file! :-) Expected Results: I should get "Access denied" regardless of how many times I request an object identified by clamd as malware.
you're right. dansguardian-dgav has been masked till a solution is found
I noticed this problem does not occur with Internet Explorer, so if your environment only contains this browser it is already usable
Yeah, but these days, Firefox is common even in a Windows-only environment. I presented this to the dansguardian users mailing list and was told that this is fixed in CVS. So the next release of dansguardian-dgav will probably fix it.
I agree with that. I just found a workaround for this. If you disable positive result caching in dansguardian.conf, thus setting urlcachenumber = 0, it'll actually work (at least with wget).
Hello. Dansguardian 2.8.0.6 and dgav-6.4.2a has been released. Unfortunately the patch applys not correctly. So just copying the old ebuild does not work. Beside from that issue this version works without the reported issue. Installed this version by hand. regards thomas
version has been bumped to 6.4.2a. normally this bug should be closed as fixed, but it will remain open until the old version will be removed from the tree and package.mask (in a week or so)
net-proxy/dansguardian-dgav-6.3.8 has been removed from the tree, along with its entry in package.mask