[EMAIL PROTECTED] <> wrote:
On Fri, 2004-02-20 at 09:54, Doug Monroe wrote:
Greg is/was using F-Secure, but wrt to clamscan use, it might be advisable to add the -m flag to clamuko_options (Jason?)
(Doug: as far as the "-m" option WRT ClamAV goes - let me have a look at that - it's a separate, specific issue)
I would suggest against adding the -m flag (at least it shouldn't be added by default). All the clamav docs I have read strongly advise against using the mime decoding built into clamav due to potential memory leaks and bugs. In fact, there was some sort of bug/hole found in that code just last week (or maybe the week before)...
Thanks for pointing that out.
I'm honestly not knowledgable enough wrt clamav development to argue the point but just to followup on this, can you point to a ref of such bug/hole? If you're speaking of the problem with mbox code crashing on some MIME type/subtypes from around November 2003:
http://www.mail-archive.com/clamav-devel%40lists.sourceforge.net/msg00455.html
http://www.mail-archive.com/clamav-devel%40lists.sourceforge.net/msg00457.html
Perhaps those crashes are indeed reason enough to steer clear of using -m, but those specific issues have been addressed in newer releases. The only recent issue with mbox code that I'm aware of is a problem compiling with cywin.
------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
