Avast! MAC Err 13 in scan result

[SMPlante]

I have installed Avast! MAC (VPS 071227-0 of 27.12.2007) on my 2.8Ghz (Intel Core 2 Duo), 4Gb-667Mhz, 750Gb Hard drive, and lot of "err 13" is reported in Avast! Scan Result.

It look like this is related to permission the user (who have launched the scan) have on the folders/files.

From my testing, most of the files/folders, that are reporting this error, are owned by "System" and normally users do not have the rights to read/write to it.

Files and folders, from other local user, are reporting err 13 either.

Is any other Avast! Mac user have this same problem ?

Any solution ?

Thank's

[.: Mac :.]

What files are you scanning that report the error?

[SMPlante]

Tryied to scan the complete Hard Drive

[zilog]

I have installed Avast! MAC (VPS 071227-0 of 27.12.2007) on my 2.8Ghz (Intel Core 2 Duo), 4Gb-667Mhz, 750Gb Hard drive, and lot of "err 13" is reported in Avast! Scan Result.
It look like this is related to permission the user (who have launched the scan) have on the folders/files.
From my testing, most of the files/folders, that are reporting this error, are owned by "System" and normally users do not have the rights to read/write to it.
Files and folders, from other local user, are reporting err 13 either.
Is any other Avast! Mac user have this same problem ?
Any solution ?
Thank's

Hallo,

err 13 = EACCESS (/usr/include/sys/errno.h), and that's exactly the correct behavior. MacOS is based on FreeBSD-like system, that uses the Unix security/rights model, and thus, it's correct that user A cannot read private files of user B.

With antivirus that will allow this, You will be able, for example, as user-A, to copy user-B's infected private *.doc document to Your home, and read it - and that not what user-B wants.

If You want to do on-demand scan of the whole drive (including all user account on the machine), You have to launch avast! under Your root account (can be enabled via NetInfo utility for 10.4.x, or via DirectoryUtility for 10.5.x).

Regards,
PC

[cwphoto]

So, is err 13 a normal behaviour--or--something to be concerned about?  If it is of concern, how should a user proceed when many files with this err code appear?
Cheers!

[.: Mac :.]

So, is err 13 a normal behaviour--or--something to be concerned about?  If it is of concern, how should a user proceed when many files with this err code appear?
Cheers!

as Zilog posted, files owned by the root user (or any other user) will show this error so if you are scanning the entire Hard Disk you will get quite a few files with this error.

[zilog]

So, is err 13 a normal behaviour--or--something to be concerned about?  If it is of concern, how should a user proceed when many files with this err code appear?
Cheers!

Hallo, ERR=13 is a normal access-permission error - scanner tried to scan file that was visible, but inaccessible for You, because it's owned by the superuser or by another user on the machine.

To be able to scan even those files, You must become root (can be enabled via NetInfo utility for 10.4.x, or via DirectoryUtility for 10.5.x) and run avast under this account.

[pattersd]

I have tried to figure out how to follow the instruction in zilog's posting, to run avast under the root user account, but can't.  Can't find any help on Apple Support Site.  When I open the DirectoryUtility (Mac OSX 10.5.2) I can't find anyplace to choose "Edit>Enable Root User".  I browse through the various DirectoryUtiity screens and simply can't see anything like this no matter which buttons (like the pencil icon) I click.  I'd love to be able to run avast as root user to avoid all those err 13 warnings, but am in the dark.

I feel like a dunce of a newbie, but have a way to go to get accustomed to Mac.  At least mine has never crashed, unlike the two or three crashes per day I was experiencing with Vista.  I know this is an apple question rather than an avast question, and if necessary will try Apple once it is a civilized hour in that part of the world.

[zilog]

I have tried to figure out how to follow the instruction in zilog's posting, to run avast under the root user account, but can't.  Can't find any help on Apple Support Site.  When I open the DirectoryUtility (Mac OSX 10.5.2) I can't find anyplace to choose "Edit>Enable Root User".  I browse through the various DirectoryUtiity screens and simply can't see anything like this no matter which buttons (like the pencil icon) I click.  I'd love to be able to run avast as root user to avoid all those err 13 warnings, but am in the dark.

I feel like a dunce of a newbie, but have a way to go to get accustomed to Mac.  At least mine has never crashed, unlike the two or three crashes per day I was experiencing with Vista.  I know this is an apple question rather than an avast question, and if necessary will try Apple once it is a civilized hour in that part of the world.

Hallo,
there are plenty of detailed descriptions how to get root account, for example this one: http://www.macosxhints.com/article.php?story=20071025100950309

... and here's the official one: http://docs.info.apple.com/article.html?artnum=106290

regards,
PC

[smkolins]

there are many reasons at this point to not enable to the root user but there are also a few to be able to emulate the root user and there are ways Avast! could do this. Since it already runs as a daemon it should be easy. Suggesting a user enable the root account is a generally bad idea - it's where there are no safety guidelines a general Mac user would easily recognize. Mistakes done while root can easily make the computer completely unusable. If Avast! wants to deal with rootkits and such (where essentially the root or system daemons are compromised) it should come up with a far more robust approach than to tell users to enable the root account. Apple's own approach to such basic issues is to do a "clean install" of the OS - a rather cool technique they've had for a long time.

[zilog]

there are many reasons at this point to not enable to the root user but there are also a few to be able to emulate the root user and there are ways Avast! could do this. Since it already runs as a daemon it should be easy. Suggesting a user enable the root account is a generally bad idea - it's where there are no safety guidelines a general Mac user would easily recognize. Mistakes done while root can easily make the computer completely unusable. If Avast! wants to deal with rootkits and such (where essentially the root or system daemons are compromised) it should come up with a far more robust approach than to tell users to enable the root account. Apple's own approach to such basic issues is to do a "clean install" of the OS - a rather cool technique they've had for a long time.

Administration (like scanning the whole discs) is a task that simply belongs to root. Having user's application that allows a particular user to scan through the whole disc (with all files of other users that should be not visible for him) would be a security break. We'd like to keep the per-user principle here, where the scanner is not allowed to do things that the user normally can't do...

regards,
pc

[smkolins]

Administration (like scanning the whole discs) is a task that simply belongs to root. Having user's application that allows a particular user to scan through the whole disc (with all files of other users that should be not visible for him) would be a security break. We'd like to keep the per-user principle here, where the scanner is not allowed to do things that the user normally can't do...

regards,
pc

I don't disagree (except that you are then conceding detecting root kits perhaps) but then why suggest how someone can become root?

[zilog]

Administration (like scanning the whole discs) is a task that simply belongs to root. Having user's application that allows a particular user to scan through the whole disc (with all files of other users that should be not visible for him) would be a security break. We'd like to keep the per-user principle here, where the scanner is not allowed to do things that the user normally can't do...

regards,
pc

I don't disagree (except that you are then conceding detecting root kits perhaps) but then why suggest how someone can become root?

Hallo, simply because root's tasks should be done by root, or at least by user with superuser privileges. Each (and even a third-party) application that escallates privileges while run by common user might be potentially abused for a local-root exploit...

regards,
PC

[iMacChicks]

'Scuse the massive *BUMP*!
I'm having this problem as well. The reason I call it a problem is that I am the sole user/account on this computer, not even an active 'guest' account, and all files on the computer were by me, yet I have 262 of these 'err 13' messages so far on the scan... is this still ok??
Cheers

[.: Mac :.]

'Scuse the massive *BUMP*!
I'm having this problem as well. The reason I call it a problem is that I am the sole user/account on this computer, not even an active 'guest' account, and all files on the computer were by me, yet I have 262 of these 'err 13' messages so far on the scan... is this still ok??
Cheers

Yes this is still OK. You are not the only account on the computer, there is always the Superuser account/root in any UNIX system.