On Thu, 23 Apr 2009 18:10:38 -0400, Ross Walker wrote: > How about running it as the untrusted user 'clamav'? How's that user going to check anything that's not o+r? > I know there is a lot of boilerplate regulation out there, I have my > fair share to deal with myself. Often hidden in the BS there is a good > intention it just requires a little give and take. Give in to a little > BS here to get a little break on the BS there. > > What the consultant should be working off of is an accurate risk > assessment of the OS and the applications installed on it, not some dumb > checklist. Yeah, well, problem is, you don't get to choose who's going to assess you.