On 4/7/2010 4:05 PM, David F. Skoll wrote:
o The server could look at the Freshclam user-agent version number and not serve up the new database if it's too old.
Wouldn't this provide a solution? I checked, and freshclam does provide the version number in the User-Agent string. I used the trusty packet sniffer to check first. And while I'm not sure what the end result/error would be, couldn't the servers be easily configured to redirect requests from old clients? Or better yet, somehow return the last valid/working image for < 0.94.2 clients?
I understand that F/OSS projects like ClamAV are at the mercy of what the developers would like to work on, and that generally means pushing the code forward rather than maintaining past releases; but common cutesy says they also shouldn't knowingly make technical decisions that will result their code exploding into a burst of flames at some arbitrary point in the future. As someone who regularly gets parachuted into burning buildings with a keyboard and a water bucket; I instinctively frown upon the people who go about setting fires on purpose.
There is a big difference between a product that is no longer updated/maintained past a certain date but continues to provide the same humble functionality it had when it was abandoned, and one that refuses past a certain date.
Personally speaking, I have a few servers in production right now that use 0.94.2 because moving past that point will require updating code to use the new library interface. I had assumed on those servers that ClamAV would simply continue working past the 15th, but would just be stuck using whatever ends up being the last compatible signatures database. This thread made me realize that if I don't disable freshclam on the 14th, I might be needing the water bucket on the 15th.
For those sysadmins who don't notice this thread; I hope all that ends up happening is inbound mail gets delivered without being scanned. And that they are are able to revert their database to a working version or update their installs before the bad guys realize which systems are no longer scanning for viruses.
Of course the unlucky ones will only hear the bells that ring when the bits stop flowing.
Anyone feel like volunteering to create a wrapped version of ClamAV that is binary compatible with pre 0.95 installs?
_______________________________________________ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net
