[csw-maintainers] ClamAV - to include the (obsolete) signatures or not?
James Lee
james at opencsw.org
Sat Dec 13 11:55:42 CET 2008
On 12/12/08, 21:43:03, Peter Bonivart <bonivart at opencsw.org> wrote
regarding [csw-maintainers] ClamAV - to include the (obsolete) signatures
or not?:
> I'm packaging ClamAV (please help test it, see link below) and I'm
> wondering what you think about including the virus signatures. The
> signature database files are about 18 MB if I remember correctly and
> doesn't compress much so the package becomes around 20 MB. From a
> security point of view it's not wise to use ClamAV with the included
> signatures since they are becoming more obsolete for every day passing
> since source release (November 26th). On the other hand you can't scan
> at all without a signature database and must start by downloading one
> with the freshclam command, which is really what everyone should do
> anyway.
> Should we provide a 20 MB package fully operational which needs
> updating or should we provide a 2 MB package which *must* be updated?
The latter, leave them out and force the use of freshclam.
Any existing users doing update should have newer "main" and "daily"
files than in the package so won't want the older ones in a package.
> If the second alternative, is it good enough to inform the user about
> this via the postinstall script for example? An automated run of
> freshclam will not work in most cases without some simple
> configuration which can't be guessed by me.
Why doesn't a default install work?
Freshclam will download the full files if it finds none, e.g. the first
time.
"DatabaseMirror db.local.clamav.net" should resolve to a suitable site,
prove this by running "nslookup db.local.clamav.net" and it will
show a list of places local to yourself.
It's possible to add to crontab with postinstall (a new challenge to
cswclassutils?) but maybe freshclam in daemon mode is better anyway,
(variable time, control run level, control its stop and start).
> A third alternative would be, like many Linux dists do, to separate
> the database to its own package but I only see that as viable option
> if I would constantly update that package which would
> be...stupid...when there's a perfect solution provided with ClamAV for
> that.
Yes stupid! The perfect solution is clamav's freshclam.
James.
More information about the maintainers
mailing list