opposition against clamav-data in debian volatile
- To: debian developers <debian-devel@lists.debian.org>
- Subject: opposition against clamav-data in debian volatile
- From: Török Edvin <edwintorok@gmail.com>
- Date: Sun, 25 Oct 2009 10:23:58 +0200
- Message-id: <[🔎] 4354d3270910250123h4169b4b6g7dfa83b55248ba14@mail.gmail.com>
- In-reply-to: <4354d3270910250123ydc9e84bg9df7c9d56821d155@mail.gmail.com>
- References: <20090917230205.48fd6e67.michael.s.gilbert@gmail.com> <E1MovNj-00032x-Lf@swivel.zugschlus.de> <slrnhb9vhh.5q0.trash@kelgar.0x539.de> <E1MpNut-0004CJ-QR@swivel.zugschlus.de> <4AB645F5.6070605@debian.org> <E1MpRcN-0006zu-WD@swivel.zugschlus.de> <20090920212830.GA813@khazad-dum.debian.net> <f3c99a80909220513s4a42c585n8aa1755dbc232e6a@mail.gmail.com> <8763bbgofm.fsf@mid.deneb.enyo.de> <4354d3270910250123ydc9e84bg9df7c9d56821d155@mail.gmail.com>
On Tue, Sep 22, 2009 at 14:21, Florian Weimer <fw@deneb.enyo.de> wrote:
> * Javier Fernandez-Sanguino:
>
>> This really sounds like there is a "use case" for data-only
>> "packages" that:
>
> Is clamav-data really data-only? Other AV software ships some sort of
> code even in signature updates (as opposed to engine updates).
>
Yes, the signatures contain only signatures, which are hexadecimal
patterns with wildcards, hashes, and so on. See
http://www.clamav.net/doc/latest/signatures.pdf
For ClamAV 0.96 we have planned support for bytecode signatures, see
http://www.clamav.net/about/roadmap.
This is not directly executable code, but bytecode that is executed by
an interpreter/JIT, and doesn't have access to the system in any way,
it only has access to a restricted set of ClamAV APIs.
Regarding freshclam, there are 2 ways to setup a local mirror,
described here, see the question "I’m running ClamAV on a lot of
clients on my local network. Can I serve the cvd files from a local
server so that each client doesn’t have to download them from your
servers?"
http://www.clamav.net/support/faq/faq-cvd/
Best regards,
--Edwin
Reply to: