On Nov 7, 2006, at 6:48 PM, Jim Redman wrote:
Chris,
Christopher X. Candreva wrote:
On Tue, 7 Nov 2006, Jim Redman wrote:
Your opinions, seem to be the prevalent attitude of the vocal
members of this
list - if you don't suffer, it wasn't worth it.
I would disagree, in that I don't see it as suffering.
Forgive me if I missed it, but what is your specific problem ?
Perhaps we have different definitions of suffering.
The only specific complaint I saw was the message "Your version is
outdated", and that seems to me to be a very simple English
declarative sentence, with a simple solution. You are running an
old version, get a new one.
Sorry, my point has nothing to do with my particular suffering or
any particular aspect of that - or at least only indirectly.
My observation is that of all the modern packages ClamAV fails to
install and run successfully and securely without operator
intervention. I think that this should be refined to reference
Fedora packages and perhaps not all of them.
There are a number of reasons why I consider this a bad thing
(other opinions have been expressed by others on the list).
1) It sucks my time because I immediately have to learn more than I
want to about ClamAV (and freshclam and clamav-milter and the
interactions between all these applications).
2) The installation is probably going to be sub-optimal because I
don't have enough time to spend on ClamAV to become the expert that
others on this list clearly are.
You don't have to be an expert to tune it if you're just reading the
config file, though. If you have problems with the server spiking
CPU usage or running out of RAM, it's not hard to look and see what
settings would affect that.
If you can't do this and the material is out there for people to
easily refer to, maybe you're short on staff (and need more people in
your department) or there's some management problems that keep you
from effectively doing your job, from the sounds of it.
3) It encourages bad/insecure installations because people
(including me) without enough time to spend on researching the best
way to install ClamAV (and associated apps) will be ignorant of
possible security hole (or not recognize the significance of
them). Bad installations could be REALLY bad - is there any way
ClamAV could be instrumental in generating mails to the SENDER of a
virus e-mail?
This can be a problem with ANY software. I don't know anything about
AutoCAD, yet am expected to install and troubleshoot it at times. I
rely on the people who know AutoCAD (but squat about computers) to
tell me when something is "wrong" with their install and troubleshoot
it from there (yes, we're understaffed, otherwise I'd dedicate more
time to learning it; just the reality of the situation).
It means that either they hire more people, let me dedicate more time
to troubleshooting and repairing server work, or suffer the
consequences of the short staffed. I'm not going to bitch to the
software programmers that they need to fix my problems that are
caused by management on my side, though, since there is documentation
and references available for the software package...I just click
through the defaults and mop up problems later on.
4) (Altruism) It limits the adoption of ClamAV which in turn
increase the number/penetration of viruses.
Maybe the project doesn't WANT people who have problems with their
installs caused by willful ignorance...just a thought. The OP showed
this right off with the title "cherishing my ignorance". If someone
wants a labor-centric job with no skills to enhance, apply at
McBurger King. They cherish employees who cherish ignorance because
they're easy to hire and fire.
IT isn't a McJob that it seems to get treated as. One person doing
overlapping job skills without an adequate staff to support them will
cause problems, and the business needs to recognize that.
_______________________________________________
http://lurker.clamav.net/list/clamav-users.html