* Philipp Kern: > On 2009-09-21, Hilko Bengen <ben...@debian.org> wrote: >> I have written and maintained scripts that download signature file >> updates for several commercial antivirus scanners and built packages for >> them -- which is pretty much the same thing that clamav-getfiles does. >> 10 updates to the signature files per day are not uncommon in the >> proprietary space and I'd be very surprised if things were any different >> for ClamAV. > > Well, there was also the problem that when asked what problem it tries to > solve nobody came up with something sane.
So, you see no use-case for which it would be worth to support clamav-data? What about a geoip-data package? What are the criteria that need to be met? > If boxes have no internet access freshclam could ask through a proxy, > or similar. So I guess the usecase is really that you shut off your > machines from the internet, only able to access internal hosts and the > packaging mirror to fetch the signatures from? How is that different > from just setting up a signature mirror on an internal host? If AV signatures and other data files are made available through the archive infrastructure administrators of such setups are saved from having to do extra error-prone work for each application that relies on current data files. To me, the main point of using a Debian's distribution mechanism is that I can avoid having to do stuff _manually_. As long as I can trust the involved parties (package maintainers, the ftp team, the security team, etc.) to do a better job than I could on my own, I am happy to use their work. Which is fine. Setting up a local mirror for some data files may seem little work at first, but every time your homegrown mirroring mechanism breaks, you will need to put in more effort into fixing it. If you take your job seriously, you will want to implement proactive checks for the mirroring mechanism so an alarm is raised if the network connection fails or if the mirroring software decides to download garbage etc.. Suddenly, you have to put in a lot of effort for a problem that was solved with the first release of apt. And you'd have to do the same kind of work for every application that needs constant updating in order to remain useful. Sounds like fun, doesn't it? Yes, I am lazy to a certain degree because avoiding to work on uninteresting, repetitive tasks that have been solved before by smart people leaves more time for me to spend on interesting things. I find this kind of prioritizing quite sane. :-) And I'd expect many Debian users to think along similar lines. -Hilko -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org