This one time, at band camp, Kevin Mark said: > On Sat, Oct 09, 2004 at 11:00:51AM +0200, Francesco Paolo Lovergine wrote: > > On Sat, Oct 09, 2004 at 03:01:11AM -0400, Kevin Mark wrote: > > > Packages like virus checkers seem to be > > > composed of 2 parts: the app program and the data where the data in > > > this case are virus sigs and the app is say clamav. And the 'volitile' > > > part is the virus sigs whereas the app (once it hits stable) shouldnt > > > change unless it warrents a 'security' update. So, volitile should be > > > for the data/virus sigs that need updating when new bugs hit the 'net. > > > > No, often such kind of programs need engine update. That's true for > > both AV and antispam programs as well. > > > Hi Francesco, > so: > the program = engine part + (some un-named part) ??? > and the engine part and the data part are volitile In the case of clamav, most of the work of scanning is handled by library functions, and these functions are called by the frontend programs like clamscan, clamdscan, and the milter. I think that spamassassin works much the saem way - most of the real work is done by the perl module Mail::Spamassassin, and the frontend programs /usr/bin/spamassassin and spamc are an interface to using these functions. In addition to the engine itself, as has been noted, there are the data sets that the engine uses to identify potential targets. In the case of spamassassin, these are rules, and in the case of clamav, these are virus signatures. Right now, it is easy enough to get new data sets - the clamav suite inculdes an updater for it's data, and spamassassin is easy to add new rules to. The problem is updating the engine in a stable release. -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : sgran@debian.org | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
Attachment:
pgpq1LvRNO4wZ.pgp
Description: PGP signature