On Mon, 18 Apr 2005 14:39:02 -0500 René Berber <[EMAIL PROTECTED]> wrote:
> Tomasz Kojm wrote: > > On Mon, 18 Apr 2005 14:10:35 -0500 > > René Berber <[EMAIL PROTECTED]> wrote: > > > > > >>does not enable detecting them. Why? because you have to uncomment > >>DisableDefaultScanOptions to enable or disable the other options; > >even >if you have DetectBrokenExecutables uncommented the default > >value of >disabled is in effect... > > > > > > This is wrong. > > >From version 0.83 clamd.conf man page: > > DisableDefaultScanOptions > By default clamd uses scan options recommended by lib- > clamav. This option disables recommended options and > allows you to enable selected options. DO NOT ENABLE IT > unless you know what you are doing. > Default: disabled > > ScanPE PE stands for Portable Executable - it's an executable > file format used in all 32-bit versions of Windows oper- > ating systems. This option allows ClamAV to perform a > deeper analysis of executable files and it's also > required for decompression of popular executable packers > such as UPX. > Default: enabled > > DetectBrokenExecutables > With this option clamd will try to detect broken exe- > cutables and mark them as Broken.Executable. > Default: disabled > > What is wrong? To enable detecting broken executables you have to > change two options in the clamd.conf file (not only one as shown in > the posted options), one is uncommenting DisableDefaultScanOptions, > the second is uncommenting DetectBrokenExecutables. No. DisableDefaultScanOptions disables features enabled by default and DetectBrokenExecutables is not. Anyway, DisableDefaultScanOptions will be removed in clamav-devel in the next week. -- oo ..... Tomasz Kojm <[EMAIL PROTECTED]> (\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg \..........._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Mon Apr 18 22:25:36 CEST 2005
pgphBfylgN0DB.pgp
Description: PGP signature
_______________________________________________ http://lurker.clamav.net/list/clamav-users.html
