On Tue Jul 26 2011 20:03:54 GMT+0200 (CET) Jim Preston <jimli...@commspeed.net> wrote: > On 07/25/2011 12:36 PM, Nathan Gibbs wrote: >> [snip] >>> - before publishing the signatures, we will test them for >>> false positives against our false positive file collection. >>> - before publishing the signatures, we'll verify that the latest two >>> major >>> versions of ClamAV can load them correctly. >>> - the signatures will be digitally signed and packaged into a single >>> .cvd compressed file. >> Because as covered on the devel list, us lowly users can't be allowed to >> sign our own sigs. >> :-) >> Is this or is this not open source software? >> > > I like the idea of having the sigs checked by ClamAV first and signed by > them. A concern I have is that a great way to defeat AV would be to > sabotage the database. The software itself would say "Hey, I am running > great and doing scans properly" even if critical sigs have been removed > so that viruses can be passed on.
The 3rd party signatures will be distributed inside separate .cvd files and you will need to enable them in freshclam.conf. They'll have nothing to do with the official databases. Regards, -- oo ..... Tomasz Kojm <tk...@clamav.net> (\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg \..........._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Tue Jul 26 21:11:25 CEST 2011 _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
