On Mar 01, 2005, at 19:59, Stephen Gran wrote:
On Wed, Mar 02, 2005 at 12:34:33AM +0100, Steffen Heil said:Hi
Now you're comparing ClamAV to close source software where such a model is easy and painless.
And you are misunderstanding him. He voted for distinction between engine and host software. Which I think is really a great idea (not a new one though).
This would require some major architectural changes to the way clamav operates, but would not in and of itself be impossible - it already is, for the most part, possible to upgrade the libraries that the binaries use, and then just restart the processes so they pick up the new library. And no reboot :)
Show us an open-source security _software_ (and not Linux distributions, etc.) which serves binary updates to its users.
This is not about serving binaries, this is about serving separated compile packages for engine and other software parts. Image having the engine (using some very well defined api) in a separate dll/so. Updates could be installed by copying the dll/so to the target systems and restarting the service.
You understand that an .so file is a compiled binary, right? For which
cpu platforms would you like the .so to be made available? And compiled
against which versions of glibc, curl, lwrap, lmilter, and so on? Which
kernel version, and which OS and OS version?
If you want binary distribution, use a binary distribution. There are plenty to choose from out there. It is not the job of the people writing the code to make it available for every platform under the sun, and with every possible combination of compilers, libraries, kernels, and other OS quirks.
Take care,
It is my opinion that installing from an RPM package is a lazy way to get what you want in a kinda sorta way.
You have to rely on the entire package if you don't know how to extract what you want and it may not have exactly what you want so you sacrifice and compromise to achieve your goal.
I believe that building from source against your already installed, tested and proven environment is by far the best process to obtain exactly what you want and need without making any sacrifices or compromises.
Ultimately, the environment is yours to manage in the way that you see fit.
Installing ClamAV from someone else's RPM may work for you but you may wish to consider what it's actually costing you in the end.
I've just rebuilt ClamAV from source on an FC1 and a Mac OSX server after making minor source code edits, the time involved on both machines was less than 15 minutes, this also included a complete rebuild of Apache and PHP on the Mac (I have fast machines) so using old and outdated software because your waiting on an updated RPM doesn't make any logical sense.
I think your time would be better spent learning how to build from raw source to get what you need when you need it.
Of course this is just my opinion and doesn't bear any weight to what you decide to do.
_______________________________________________ http://lurker.clamav.net/list/clamav-users.html
