Hello, I've made a few tests lately to embed malwares inside UNIX packages like RPM or DEB packages. Once done, I scanned the packages with many anti-virus products to check their efficiency.
Concerning clamav, there was no problem finding malware embedded into a RPM package. Nevertheless clamscan was unable to detect a known malware (the C99 PHP Backdoor) added to a preinst or postinst file. Should I report this as a bug ? Regards _______________________________________________ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net