On Wed, Oct 1, 2014 at 11:55 AM, Michael Meeks <michael.me...@collabora.com> wrote: > Dear Nicholas, > > On Tue, 2014-09-30 at 17:19 -0400, nicholas ferguson wrote: >> I duplicated their directory structure. And my build still failed. > > Grief; we should certainly document turning off AV more prominently.
Listed quite prominently in the windows build instructions. And *any* AV-solution that blocks access should popup a corresponding message/indicator that it did so. > Ideally we could find a reproducer that we could check during configure > and print out: Nope, that won't help. If the user is ignoring the system's messages, why should he read ours? And checking whether virus solution xy is running probably is a surefire way to get detected as malicious beforehand so you won't be able to show that message :-) > It'd be great to isolate exactly what is causing the problem, so we > can > save other people this suffering; I'd love to invest in that. BitDefender/Security Essentials blocks some of the CVE test-files. I assume that to be no difference here. And there's no way to have av-vendors whitelist those files, as after all they can exploit vulnerabilities in other/older software. If it needs forensics to find out what was blocked, then the av-solution is crap, or the user unwilling to look at the software's logs. > On Tue, 2014-09-30 at 17:50 -0400, nicholas ferguson wrote: >> I think that is a bad idea. A good idea is to turn on anti virus >> where work is done. you can't tell developers to turn off their >> anti virus when working on windows. That’s crazy talk Either you disable monitoring for the build-directories, or you whitelist stuff in another way. Or use a different AV-solution. Of course false-detection in the result is another story - Symantec (Norton AV) offers a whitelisting form that I use for the official builds, so regular users don't get warning when downloading/installing the finished product. But building is a different story. I see no way to have the build free of AV-detection unless we remove all of the CVE testdocuments. In fact any AV-solution that doesn't block/break the build in a way is not tightly monitoring the system.. So only way is to do as already written in the buildinstructions and common sense when actually looking at the AV-solutions' reports: Disable monitoring for the build. Not only will that not break the build, but also save some cycles for actually compiling stuff instead of checking lots of intermediate files. Your build-account surely is not an administrative account, and not even the one you do your office work with (as the tests pop up lots of windows that would otherwise be very distracting) - so I absolutely don't see this as a huge problem. ciao Christian _______________________________________________ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice
