Dennis Peterson wrote: > Fajar A. Nugraha wrote: > Database objects can include blobs (binary large objects). These can > be files including executables, documents, other databases. They can > have viruses. In some instances the blob in an internal representation > and can be difficult to get to without sql. In other cases blobs can > be external storage objects (file system files) and easy to get at. > Regardless, there are many reasons one would wish to scan them for > viruses. > Yes, but (suppose) clamscan finds a virus on file oradata01.dbf. Would you REALLY spend your time examining which record on what table has the BLOB?
While I agree that "there are many reasons one would wish to scan them for viruses", one should also realise that in doing so (scanning file types that are uncommon or not known to have virus) will increase system CPU usage. If one concerns about CPU usage (as John did), than he probably shouldn't scan database files. > And why not HP-UX? Or Numa-Q? Or even VAX? I've even had it running on > an E-10k. My point is simply about popularity. The most popular systems would most likely have most virus threat. If you use HP-UX, then most likely there are no known active dangerous threat in the wild (other than some proof-of-concepts) that would work on that platform. So you could probably save a lot of resource (including CPU usage) by not scanning files on that platform. Unless of course this system is holding files for other platform (e.g. a samba file server, mail server, etc.). But then you should be working on integrating clamav with those server, not scanning file system. Again, I agree that there are probably a lot of reason for wanting to scan an entire file system on HP-UX. My point is you can save a lot of CPU time (without really adding much virus risk) by NOT doing so. Work selectively instead. Regards, Fajar _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
