tags 290248 +upstream forwarded 290248 [EMAIL PROTECTED] thanks This one time, at band camp, Antonio Fiol said: > I am using clamd in STREAM mode in every case. > > I have found a way of fooling the scanner to give a false > negative: > > If the user sends a BIG file (bigger than the limit) with a virus near > the end (outside the limit), it will get cut, and the virus will not be > found. > > IMO, the scanner should detect this as an exceptional situation, and > react by saying: > stream: ERROR:Size-limit-exceeded FOUND > > Or any other informative string.
I agree this is reasonable, at least as far as this has been their way of handling other failures (Encrypted.Zip, etc). Your request has been forwarded upstream. -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : [EMAIL PROTECTED] | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
pgpVDjN2RTQx4.pgp
Description: PGP signature
