Re: download of source packages alarmed clamav
> On Tue, Jun 25, 2013 at 08:04:00AM -0400, Scott Kitterman wrote:
> > This comes up periodically. They aren't real.
> It would appear they're real enough to trigger clamav's detection,
> which was the problem the OP was having.
Yes. It is not really a fixable problem. The test files intentionally
contain material whose purpose is to trigger a virus scanner. That is
their entire point. The fact that they do in fact trigger a virus
scanner is unfortunate in this case, but it is a straightforward
consequence and there probably isn't much you can do about it (except
of course to not use a virus scanner while downloading virus scanning
The EICAR string is all very well, but doesn't solve this problem.
Either virus scanners treat EICAR just like any real virus, alerting
and/or blocking stuff, or they treat it as a special case. If the
formert, you haven't solved anything. If the latter, then by the
nature of it being a special case, EICAR alone is not sufficient test
coverage for virus scanning functionality.