On Wed, 16 Apr 2008 16:38:05 +0100 Brian Morrison <[EMAIL PROTECTED]> wrote:
> Does the unsigned .cld file mean that an attack vector could be to edit > the .cld file and thus corrupt it? I can see that the cdiff signing > protects the path between the database servers and freshclam, but that > protection is not available once on an end-user system. freshclam makes sure that everything it downloads and installs comes from trusted sources. But if someone takes control over your database directory, then he do any kind of harm (remove or replace the entire database, add new signatures, etc.) -- oo ..... Tomasz Kojm <[EMAIL PROTECTED]> (\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg \..........._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Wed Apr 16 18:13:22 CEST 2008 _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
