From mboxrd@z Thu Jan  1 00:00:00 1970
From: cdrice at pobox.com (Charles Dee Rice)
Date: Sat, 13 Dec 2014 20:09:47 +0000 (UTC)
Subject: Permission denied messages sent to webserver error log during scanning
Message-ID: <335599737.295704.1418501387890.JavaMail.yahoo@jws106139.mail.bf1.yahoo.com>

As a bit of a suggestion/request, I'd like to recommend a setting or option to ignore permission denied errors during scanning (or at least not send them to stderr / the webserver error log). 

For example: 
Error opening directory /some-directory/lost+found: Permission denied (13) 
Error opening directory /some-directory/private-stuff: Permission denied (13) 

Semantics are debatable -- perhaps rather than ignoring any permission denied errors, it is safer to ignore or exclude certain directory names (i.e. lost+found) or some user-defined list, etc. 

I noticed it while setting up my own scanning and thought I would toss the idea out there for discussion if it hasn't come up before.  For my purposes, I just added a check in scan-tree.c:scan_path() to skip the error message if errno == EACCES, but I certainly don't think that would necessarily be the best approach for everyone.

Maybe a cgitrc variable "scan-ignore-errors" to blanket turn off error messages during scans or something more refined like "scan-ignore-regex" to list a series of expressions to omit from scanning?

- Chuck