On Thu, 11 Mar 2010 14:26:07 -0500 "David F. Skoll" <d...@roaringpenguin.com> wrote:
> Tomasz Kojm wrote: > > > Due to security reasons all bytecodes need to be digitally signed, > > so no 3rd parties will be able to inject any code into your installations. > > I believe this is the same security model used by Microsoft for Active X. > (NOTE: I am in no way implying that your bytecode interpreter is as > dangerous. I am implying that anyone can make an honest mistake and > sign buggy code, or have his private key compromised.) > > > When it comes to vulnerabilities, they will not be that critical as > > vulnerabilities in the regular code since all bytecodes can be remotely > > fixed/removed. > > OK... here's another question: ClamAV is licensed under the GPL. Your > bytecode programs are distributed in object-code format. > > Will you make the corresponding source code available? yes, the bytecodes will embed the source code and the new tool called "clambc" shipped with 0.96 can display the corresponding source code with --printsrc > What language is the source code written in? In a C-like language -- oo ..... Tomasz Kojm <tk...@clamav.net> (\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg \..........._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Thu Mar 11 21:21:59 CET 2010 _______________________________________________ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net
