Handle Object Policy

The Handle Object Policy (see figure 6-1) mechanism provides filtering for scanned objects based on their status. This functionality is based on the following configuration options:

action_av

action_av_infected

action_av_notscanned

action_av_deleted

For detailed information on these options, please refer to the esets.cfg(5) man page.

Figure 6-1. Scheme of Handle Object Policy mechanism.

policy

Every processed object is first handled according to the configuration of the ‘action_av‘ option. If this option is set to ‘accept’ (or ‘defer’, ‘discard’, ‘reject’) the object is accepted (or deferred, discarded, rejected). If the option is set to ‘scan’ the object is scanned for virus infiltrations, and if the ‘av_clean_mode’ option is set to ‘standard’ (or 'strict', or 'rigorous'), the object is also cleaned. In addition, the configuration options ‘action_av_infected’, ‘action_av_notscanned’ and ‘action_av_deleted’ are taken into account to further evaluate object handling. If an ‘accept’ action has been taken as a result of these three action options, the object is accepted. Otherwise, the object is blocked.