
Re: opposition against clamav-data in debian volatile



* Philipp Kern:

> On 2009-09-21, Hilko Bengen <bengen@debian.org> wrote:
>> I have written and maintained scripts that download signature file
>> updates for several commercial antivirus scanners and built packages for
>> them -- which is pretty much the same thing that clamav-getfiles does.
>> 10 updates to the signature files per day are not uncommon in the
>> proprietary space and I'd be very surprised if things were any different
>> for ClamAV.
>
> Well, there was also the problem that when asked what problem it tries to
> solve nobody came up with something sane.

So, you see no use-case for which it would be worth supporting
clamav-data? What about a geoip-data package? What are the criteria that
need to be met?

> If boxes have no internet access freshclam could ask through a proxy,
> or similar. So I guess the use case is really that you shut off your
> machines from the internet, only able to access internal hosts and the
> packaging mirror to fetch the signatures from? How is that different
> from just setting up a signature mirror on an internal host?

If AV signatures and other data files are made available through the
archive infrastructure, administrators of such setups are saved from
having to do extra error-prone work for each application that relies on
current data files.


To me, the main point of using Debian's distribution mechanism is that
I can avoid having to do stuff _manually_. As long as I can trust the
involved parties (package maintainers, the ftp team, the security team,
etc.) to do a better job than I could on my own, I am happy to use their
work. Which is fine.

Setting up a local mirror for some data files may seem little work at
first, but every time your homegrown mirroring mechanism breaks, you
will need to put in more effort into fixing it. If you take your job
seriously, you will want to implement proactive checks for the mirroring
mechanism so an alarm is raised if the network connection fails or if
the mirroring software decides to download garbage, etc. Suddenly, you
have to put in a lot of effort for a problem that was solved with the
first release of apt.

And you'd have to do the same kind of work for every application that
needs constant updating in order to remain useful. Sounds like fun,
doesn't it?

Yes, I am lazy to a certain degree because avoiding work on
uninteresting, repetitive tasks that have been solved before by smart
people leaves more time for me to spend on interesting things. I find
this kind of prioritizing quite sane. :-) And I'd expect many Debian
users to think along similar lines.

-Hilko
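
Added example, not part of the original message: a sketch of the kind of proactive check the message says a homegrown signature mirror would need, flagging a mirrored ClamAV database that is stale, truncated or replaced by garbage. It assumes the .cvd layout of a 512-byte colon-separated header followed by the payload; the function names, the three-day threshold and the sample data are hypothetical.

```python
import hashlib
import time

HEADER_LEN = 512          # assumed: CVD files start with a fixed-size text header
MAX_AGE = 3 * 86400       # assumed alert threshold: 3 days without an update


def check_cvd(blob, now, max_age=MAX_AGE):
    """Return a list of problems found in a mirrored .cvd file (empty = healthy)."""
    if len(blob) <= HEADER_LEN:
        return ["truncated: no payload after header"]
    try:
        fields = blob[:HEADER_LEN].decode("ascii").strip().split(":")
    except UnicodeDecodeError:
        return ["garbage: header is not ASCII"]
    # Assumed field order: magic, build time, version, signature count,
    # functionality level, MD5 of payload, digital signature, builder, epoch time
    if len(fields) < 9 or fields[0] != "ClamAV-VDB":
        return ["garbage: not a ClamAV-VDB header (HTML error page?)"]
    problems = []
    # The MD5 only catches corruption in transit; authenticity still rests on
    # the digital signature, which ClamAV's own tools verify.
    if hashlib.md5(blob[HEADER_LEN:]).hexdigest() != fields[5].lower():
        problems.append("corrupt: payload MD5 does not match header")
    try:
        built = int(fields[8])
    except ValueError:
        return problems + ["garbage: build timestamp is not a number"]
    if now - built > max_age:
        problems.append("stale: database is %d days old" % ((now - built) // 86400))
    return problems


def make_sample(payload, built):
    """Build a constructed CVD-like blob for the demo (not a real database)."""
    md5 = hashlib.md5(payload).hexdigest()
    head = "ClamAV-VDB:21 Sep 2009 10-00 +0000:1:1:44:%s:sig:demo:%d" % (md5, built)
    return head.ljust(HEADER_LEN).encode("ascii") + payload


if __name__ == "__main__":
    now = int(time.time())
    samples = {
        "fresh": make_sample(b"payload", now - 3600),
        "stale": make_sample(b"payload", now - 10 * 86400),
        "proxy error page": b"<html>502 Bad Gateway</html>".ljust(600),
    }
    for name, blob in samples.items():
        print(name, "->", check_cvd(blob, now) or "OK")
```

Run from cron against each mirrored file, a non-empty result is what would raise the alarm.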

