Hello, > > On 2008-08-20 17:31, Henrik K wrote: > > > I guess they are some sort of pseudo-binary-code or whatever. I'd like > > > to see ClamAV use this kind of technology.
pseudo-binary code would slow down clamav. Clamav is already slower than e.g. drweb, at least on out systems. Do you want to have slow antivirus? I don't. > On Wed, Aug 20, 2008 at 05:40:55PM +0300, Török Edwin wrote: > > Distributing binary executable code via database updates? I don't think > > that is a wise idea. > > Perhaps distributing bytecode would allow you to use older engines for > > longer time. On 21.08.08 08:37, Henrik K wrote: > I don't care what the method would be. Be innovative. Create a safe method. > :) > Distributing "whole sources" to fix smaller (but serious) issues seems a > waste. distributing whole sources is not problem, if they could be distributed w/o virus db. Removing database from rc4 changed the .tgz from 20 to 2.7 MiB. Compressed diff (patch) from 0.93.3 to 0.94rc4 is 277k. Yes, they are not binary. > For example, some zip exploit. Just disabling the zip engine and > hoping that users upgrade soon is ok, but not very high-tech. It would be > wonderful to just get the core zip engine updated together with signatures. I don't think it's safe. If we have the fix, it should be patshed asap. Disabling the zip engine is only a hotfix which may cause viruses to be passed through (yes, workstations should be using different AV than servers). -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. LSD will make your ECS screen display 16.7 million colors _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml