Dennis Skinner [EMAIL PROTECTED] wrote: > Julian Mehnle wrote: > > "technical" := "affecting the technical systems involved in storing > > and transporting the data items subject to being scanned by ClamAV". > > > > "technical threat" := (go figure...) > > Would that include viruses that require action on the part of the > recipient? Included in password protected zips? What is the difference > between tricking a person into opening a password protected zip (which > is not dangerous in its delivered form) and tricking a user into > clicking a link that takes them to the virus?
Counter question: What do have the following in common: 1. tricking a user into clicking a link that takes him to a virus, and 2. tricking a user into clicking a link that takes him to a web page that tricks him into clicking on a link that takes him to the virus? Answer: It's not ClamAV's responsibility to protect the user from immediate threats that are outside of its sphere of action. This problem shouldn't be decided from an end-user's point of view. If _that_ were the criterion, ClamAV should also prevent the wrong device drivers from being installed on my PC. ClamAV could block a lot of stuff that somehow coult put the user in danger, but that would be an endless undertaking. Besides, the more indirect the threat gets, the more people will disagree on its dangerousness. ClamAV should be responsible for detecting objects that are immediately dangerous to the user (executables, JPEG exploits, etc.). The user's web browser is responsible not to allow untrusted objects from web pages to be executed. Those objects don't go through ClamAV as an e-mail scanner, and thus ClamAV as an e-mail scanner should not deploy measures to keep the user from getting in those object's vicinity. _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users