-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Luigi Iotti wrote: > To who is experiencing the *.cvd problem due to the "3rd party > scripts" in the RPM packages maintained by Petr Kristof , available > on http://crash.fce.vutbr.cz/crash-hat/5/ : > > Petr just released an upddated version of his packages, including > the patches to the script I suggested on the list. Now the infamous > *.cvd file problem (and another trivial problem where clamd did not > start if the main.cvd file was not found) should be solved. > > Thank you Petr. > > Luigi > I just tested and clamd will try to read any file with the extension of .cvd in the /var/lib/clamav directory. My simple question is: "Could this pose a security or virus scanning problem if someone managed to place an empty or invalid .cvd file intensionally in the database directory?"
I say this, because it makes clamav un-operational and unable to scan for viruses on the system or email. - -James -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGHq3GkNLDmnu1kSkRApw9AJ9QZpuSIr/H6EAma5mPsB0ZFLMlXgCfcwsS b0KIIfQRv/DUvhUypFm84zk= =yhzI -----END PGP SIGNATURE----- _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
