David F. Skoll wrote:
Jonathan Kamens wrote:
My company had hundreds of appliances in the field running versions of
ClamAV affected by this change. When we saw the announcement, we
immediately started working on figuring out how we were going to get
them updated by April 15, and we succeeded in doing so.
We have hundreds of appliances too. Those are easy. Most customers
enable automatic updates and have long since upgraded, and those that
haven't are easy to find and to upgrade.
The problem is we have some customers who prefer RPM versions of our
software, and still others who install from source on platforms like
NetBSD, Solaris and FreeBSD. We have no administrative control over
their machines, yet if something goes wrong, they (quite reasonably)
call us.
So even though 80% or more of our user-base is fine, I still dread
hundreds of support calls come the 15th. It doesn't do *us* any good
to say "We told you to upgrade... why didn't you?" when some irate
caller's mail is down.
So anyway... to try to make something constructive out of this thread,
I have a feature suggestion: Incorporate the version number in your
DNS TXT records and download URLs. Your download mirrors can use
symlinks in most cases (when versions are completely compatible) and
you can easily stop older machines from attempting to download by
stopping updates on the 0.96.whatever.clamav.net TXT record.
I think the suggestion from Jonathan is a good one : allow people to
continue to run the antivirus with the older database and no updates.
That means, instead of "refuse to load and exit", it should just reload
the last valid database without update.
On the other hand, running an antivirus older than two years while there
are new releases available, for free, is quite irresponsible.
While it's acceptable to run a really old version of, say, openoffice,
it isn't for a security related software.
The problem with your customers is that you accepted to engage yourself
about something which is intrinsically moving and you have no control
(and you can't) just to satisfy the injustified inertia of a (I hope)
small amount of your users. Maybe you can set up a mirror on your
domain, with the old database, just for your lazy customers.
Regards,
--
---------------------------------------------------------------
Jose Marcio MARTINS DA CRUZ http://j-chkmail.ensmp.fr
Ecole des Mines de Paris
60, bd Saint Michel 75272 - PARIS CEDEX 06
mailto:[email protected]
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
