Problems occur when you save files with Auto-Protect on
|Article:TECH103265|||||Created: 2007-01-29|||||Updated: 2009-01-29|||||Article URL http://www.symantec.com/docs/TECH103265|
When you save a document or other type of file, you see errors or other problems. If you turn off Auto-Protect, the problems do not happen. You want to solve the problems and not disable Auto-Protect.
If you have problems saving files with Auto-Protect on, you can make a folder that is not a SafeZone. Then save files into that folder.
To make a folder that is not a SafeZone
- On the Apple menu, click System Preferences
- Under Other, click Symantec Auto-Protect or Norton Auto-Protect
- Click SafeZones
- Do one of the following:
- If everything is grey, and you cannot make any changes, continue with step 5
- If it is not grey, skip to step 7
- In the bottom left-hand corner, click the lock to make changes
- Enter your administrator name and password, and then click OK
- Click Everywhere EXCEPT in
- Navigate to the folder that you do not want Auto-Protect to scan
- Click Add
- Quit System Preferences
To configure SafeZones for Symantec AntiVirus for Macintosh 10 clients using the Symantec Administration Console for Macintosh
There are two basic processes to complete before clients can download updates from the LiveUpdate server:
- Create an Auto-Protect preference set
- Distribute the preference set to the clients
To create an Auto-Protect Preference Set
- In the Symantec Administration Console for Macintosh interface, on the Client Preferences page, click Create "Auto-Protect" Preference Set
- Type the Key Password
- Type a name for the Preference Set
- Under Safe Zones, select Everywhere EXCEPT In
- Under "Enter absolute paths on separate lines", enter the exact path to the directory you want to exclud from Auto-Protect
Note: SafeZones are case sensitive
- Click Save Preference Set
To send Auto-Protect Preference Set to clients
- Open the Symantec Administration Console for Macintosh
- Click Send Commands
- Choose the clients or groups that you want to send the new preferences to.
- Under Send Command Options, click Send command to all clients or Send command to clients and groups selected in step 3.
- Next to Command, choose Set Symantec Product Preferences
- Click Specify Preferences
- Type a Command Label
- Type a number for a Command Expire time
- Type the Key Password
- Next to Preference Set, choose the Auto-Protect Preference Set that you created in the section, "To create an Auto-Protect Preference Set" Click Command
- Once the files are saved in the chosen folder, you can move them into a SafeZone to be scanned Networks
Starting with Mac OS X 10.4, Auto-Protect will now scan files that are written to a mounted network share from the client running Auto-Protect. In some network configurations, this can cause degraded performance and reliability. Excluding mounted shares using SafeZones will resolve these type of issues. Universal SafeZones on Network drives can lower performance when you copy files from one computer to another or save files to a network share. By designating the network share as an unSafeZone, it will improve file transfer times and stop Auto-Protect related error messages.
How do SafeZones work?
In Norton AntiVirus for Macintosh 10.x and Symantec AntiVirus for Macintosh 10.x, SafeZones can be customized. A SafeZone is a place that Auto-Protect scans for viruses. By default, the entire hard drive is a SafeZone. A folder can be set up to not be a SafeZone (also called an "unSafe Zone"). Files saved into this kind of folder are not scanned by Auto-Protect.
Carbon vs. Cocoa file APIs
During the development and first release of Mac OS X, Apple created the procedural API called Carbon. The Carbon API allowed developers to leverage their legacy Mac OS 9 Toolbox code to work on Mac OS X with minimal changes. Carbon provides the bridge between legacy code and OS-X. To implement parts of the Carbon file API in Mac OS X, Apple added a non-POSIX compliant system call to the BSD core. Programs that use the Carbon file API use a delete function to remove files from the file system, while the modern Cocoa file API uses the POSIX standard unlink function.
There is a small and ever shrinking number of Carbon applications that use the Carbon File APIs depreciated delete system call, and an even smaller number use it in such a way that causes problems with programs that use the Cocoa file API. This situation is not unique to Auto-Protect.
When a Carbon-based application deletes a file (the delete command)
The delete function attempts to delete the file immediately. If the delete command is given when the file is in use, an error occurs and the file is not deleted.
When Cocoa-based application deletes a file (the unlink command)
When the OS tries to delete a file that is in use (linked to), it waits until the file is not in use (no more links) before it deletes it.
Carbon deletes: The file is deleted if it is not in use.
Cocoa unlinks: The file is always deleted.
Errors may occur when you save a PowerPoint or Distiller file with Auto-Protect on.
Programs like Microsoft PowerPoint and Adobe Acrobat Distiller save a hidden temporary file. This file is normally quickly deleted when the regular file is saved. Auto-Protect scans a file when it is created, so it scans the temporary file as it is created. Before Auto-Protect finishes the scan, programs like PowerPoint or Distiller try to remove the file using the Carbon file API which uses the delete function which results in an error because the file is in use by Auto-Protect.
Article URL http://www.symantec.com/docs/TECH103265