On 3/20/2013 9:47 AM, Eugene Crosser wrote: > On 03/20/2013 06:35 PM, Matt Olney wrote: > >> We're currently scoping out the next version of ClamAV. We have a number >> of ideas in house, but I wanted to solicit some feedback from our users >> about what you might be interested in seeing. > API to scan data that is already read (or, more practically, mmap()'ed) > into memory, a la scan_buff(void *start, size_t length, ...<options etc.>) > > Thanks, > > Eugene > > > I second that! Right now we have to write an email message to disk just so we can pass in a file descriptor.
I'd also advocate better support/documentation/testing of a "lite" ClamAV build configuration. Namely geared towards systems with limited memory and/or smaller than normal thread stack sizes, or strict security environments, yet still capable of examining large file(s). This would include being designed to run (as effectively as possible) without the builtin runtime. Security audits have flagged ClamAV in the past because it ships with LLVM code and could (theoretically) execute arbitrary code from a compromised definitions file. _______________________________________________ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net
