On 5/3/10 12:09 AM, Mark wrote:
On Apr 27, 2010, at 3:23 PM, Sarocet wrote:
The ClamAV team didn't design the AV to stop on getting a special
signature. That signature could exist due to a bug that you decided
not to fix (by not updating/patching). It was a clever use of a bug
to disable the daemon.
You are right that the ClamAV team exploited this feature to notify
users that the format of the database was changing and giving a
descriptive message as to why the database failed to load.
What they did was a bad call. They wilfully let freshclam download an
update which they knew would crash the clamd service.
This was going to happen anyway when the signatures grew to take advantage of
the new format. Older versions of clamd were going to die sooner or later. It
was inevitable this would happen. That is why they warned users for so long that
they needed to take action to prevent this.
Nobody who is a competent messaging professional suffered a failure. With so
many months to prepare, how could one fail? That says a lot about competence. It
also says if you suffered a failure you're a complete moron, but that's just my
view of it. Some might not think you're a moron if you suffered a failure. Maybe.
dp
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
