On 10/23/2018 2:17 PM, Luke Massa wrote: > > In short, is there any way I can setup clamav/freshclam and be > confident that a malicious user isn’t adding/removing signatures > from the upstream mirrors?
The .cvd files have an internal cryptographic signature that's checked by freshclam and clamd/clamscan. If freshclam and/or clamd accepts the files, you can be assured they are official and unmodified. This is built into clam; no external tools are called. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml