Special considerations for scanning symbolic links and hard links

Kaspersky Endpoint Security lets you scan symbolic links and hard links to files.

Scanning symbolic links

The application scans symbolic links only if the file referenced by the symbolic link is within the scan scope of the File Threat Protection component.

If the file referenced by the symbolic link is not within the scan scope of the File Threat Protection component, the application does not scan this file. However, if the file contains malicious code, the security of the device is at risk.

Scanning hard links

When processing a file that has more than one hard link, the application disinfects the original file. If disinfection fails, the application deletes the hard link and creates in its place a copy of the source file with the name of the deleted hard link. When deleting, the application deletes the hard link being processed, but does not process the other hard links to this file.

When you restore a file with a hard link from the Backup storage, the application creates a copy of the source file with the name of the hard link that was moved to the Backup storage. Connections with the remaining hard links to the source file will not be restored.

Page top