Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New user several questions

First, for the automatic update interval, how is the time calculated? Is it ordinary chronological time, or is it actual computer running time. For example, if I select automatic updating for daily, with the last update having occurred at 9 AM Tuesday, will the next update happen at 9 AM Wednesday, provided the computer is not sleeping at that moment. Or will it need 24 hours of actual computer running time, which might not happen if the computer is sleeping for extended periods perhaps until several days later?

Second, I ran Sophos (9.0.8) yesterday booted from a 10.6.8 partition on an external drive. It calculated something like 1,900,000 files/folders to scan. The 10.6.8 boot volume was only around 701,000. The other volume on that drive, a 10.8.5, is around 607,000, which, if Sophos was scanning both, still comes nowhere near close to the total Sophos calculated. If I add in the internal 10.6.8 volume, the total is a figure around 2,001,000, still not the 1,900,000 I saw, but more plausible. Was it scanning all three volumes? I am very puzzled about the number of files Sophos calculated. Naturally, this scan took far longer than intended.

Finally, although I logged in to my admin user in order to run the scan, I am normally running out of a standard account for security. So, of course, there I could see that my admin user was out of bounds. But from the standard user, I ran a shell script which opened Sophos with root privileges (do shell script "/Applications/'Sophos Anti-Virus.app'/Contents/MacOS/'Sophos Anti-Virus' > /dev/null 2>&1 &" with administrator privileges) When I opened Sophos that way, I was able to see the other user, but I still got the notice that I was running using "current privileges." Not sure why that didn't disappear when opened as root, but what I wonder is, since that notice didn't disappear, if running as root will have the necessary privileges needed to scan all system files, and if anything is found, will I be able to "clean" that infection--should it really need to be cleaned? I would not like to have to log in to my admin account in order to do either of those, completely scan all system files, and clean, when necessary.


:1016041


This thread was automatically locked due to age.
Parents

  • brvx wrote:

    So, again, pardon me for perhaps not getting this, what exactly are the current privileges when running from the shell script? Is that Scan with current privileges button there simply because I'm still logged in to the standard user and the UI in some dumb mannner isn't able to recognize that that button is no longer necessary, or are there any real limitations on those privileges from the shell script? I would have thought that shell script would be the equivalent of running from sudo/root. Just a different way of doing that. 


    The phrase "current priviliges" could be re-written to say "as the current user". When you run a shell script from Terminal, it runs as the user who started Terminal. The "sudo" command definitely changes this. In Terminal type "whoami" to find out who you are. Type "sudo whoami" to see what I mean (it will tell you that you are root).

    The same rules apply to running things from AppleScript. You can test this yourself with a little bit of scripting to run "whoami" both without and with the option "with administrator privileges". As mentioned in the technote, there are certain limitations to invoking commands this way. No idea why you want to run the GUI this way, but it doesn't really change how the software works. You should assume our support for AppleScript is subject to change in future versions of the software, so if you are looking for some specific features it would be useful to hear about it.

    If you are running the GUI as a non-administrative user, we only offer you the chance to scan as that user. If you watch for the SophosAVAgent process in Activity Monitor you'll see what I mean.

    If you are running the GUI as an administrative user, we offer you the choice of running as the current user, or to authenticate and run with elevated priviliges. If you watch Activity Monitor you'll see that after you authenticate your scans run as root. This means the scan can peek inside directories that your user (even an administrator) normally can't access. There should be obvious benefits to being able to scan all directories on disk, and the tradeoff is that we require you to authenticate as an administrator in order to do so.


    brvx wrote:

    I only suggested carrying this on by email if that was more convenient for you. I'm quite happy to let it remain public.


    The downside to our free product is the lack of real-time customer support. Whether its via this forum or via email, you'll sometimes not get answers right away. So if you were hoping for faster responses via email you might be disappointed.  I have no problem with people emailing me directly (and it happens with some frequency, as my email is in my signature on every post) but I definitely have to prioritize how I spend my day. On the other hand, we really do value our hundreds of thousands of Home Edition users, and want to do our best to give everyone a good experience when possible.

    :1016089
Reply

  • brvx wrote:

    So, again, pardon me for perhaps not getting this, what exactly are the current privileges when running from the shell script? Is that Scan with current privileges button there simply because I'm still logged in to the standard user and the UI in some dumb mannner isn't able to recognize that that button is no longer necessary, or are there any real limitations on those privileges from the shell script? I would have thought that shell script would be the equivalent of running from sudo/root. Just a different way of doing that. 


    The phrase "current priviliges" could be re-written to say "as the current user". When you run a shell script from Terminal, it runs as the user who started Terminal. The "sudo" command definitely changes this. In Terminal type "whoami" to find out who you are. Type "sudo whoami" to see what I mean (it will tell you that you are root).

    The same rules apply to running things from AppleScript. You can test this yourself with a little bit of scripting to run "whoami" both without and with the option "with administrator privileges". As mentioned in the technote, there are certain limitations to invoking commands this way. No idea why you want to run the GUI this way, but it doesn't really change how the software works. You should assume our support for AppleScript is subject to change in future versions of the software, so if you are looking for some specific features it would be useful to hear about it.

    If you are running the GUI as a non-administrative user, we only offer you the chance to scan as that user. If you watch for the SophosAVAgent process in Activity Monitor you'll see what I mean.

    If you are running the GUI as an administrative user, we offer you the choice of running as the current user, or to authenticate and run with elevated priviliges. If you watch Activity Monitor you'll see that after you authenticate your scans run as root. This means the scan can peek inside directories that your user (even an administrator) normally can't access. There should be obvious benefits to being able to scan all directories on disk, and the tradeoff is that we require you to authenticate as an administrator in order to do so.


    brvx wrote:

    I only suggested carrying this on by email if that was more convenient for you. I'm quite happy to let it remain public.


    The downside to our free product is the lack of real-time customer support. Whether its via this forum or via email, you'll sometimes not get answers right away. So if you were hoping for faster responses via email you might be disappointed.  I have no problem with people emailing me directly (and it happens with some frequency, as my email is in my signature on every post) but I definitely have to prioritize how I spend my day. On the other hand, we really do value our hundreds of thousands of Home Edition users, and want to do our best to give everyone a good experience when possible.

    :1016089
Children
No Data