Re: RFC: Patch to block Windows executables: msg#00024 security.virus.clamav.devel

>I'm attaching a patch against version 0.87.1 that adds an option to
>return a positive on *any* Windows executable, not just one that matches
>a virus signature.

It's a good idea but I'm not sure the checks you used will actally
catch all windows executables. Might be better to stick with the
signature mechanism and collect a file of windows executable
signatures for people to optionally install.
---
Jef

Jef Poskanzer jef@xxxxxxxxxxxxx http://www.acme.com/jef/
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html

<Prev in Thread]	Current Thread	[Next in Thread>

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	RFC: Patch to block Windows executables: 00024, Saint Aardvark the Carpeted
Next by Date:	Blocking Broken Archives: 00024, Sander Holthas
Previous by Thread:	RFC: Patch to block Windows executablesi: 00024, Saint Aardvark the Carpeted
Next by Thread:	Blocking Broken Archives: 00024, Sander Holthas
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

RFC: Patch to block Windows executables: 00024, Saint Aardvark the Carpeted

Next by Date:

Blocking Broken Archives: 00024, Sander Holthas

Previous by Thread:

RFC: Patch to block Windows executablesi: 00024, Saint Aardvark the Carpeted

Next by Thread:

Blocking Broken Archives: 00024, Sander Holthas

Indexes:

[Date] [Thread] [Top] [All Lists]