Hi, 1) how about using normal security features provided by linux os? (apparmor, selinux, chroot ..)
2) use containers, virtualization and similar techniques? Eero On Tue 22. Mar 2022 at 23.14, Yang, Jiayi via clamav-users < [email protected]> wrote: > Hi ClamAV community, > > > > Hope this email finds you well. I’m writing to inquire about the proper > usage of ClamAV and whether it’s suggested to run ClamAV within a sandbox > to avoid infecting other files/applications in the host if a malware is > detected. I have two main questions: > > > > 1. When scanning a given file, will ClamAV only do static > analysis(based on signature database) or it will execute the file and > analyze its behavior? If the file is a malware and we use ClamAV to scan > the file, will it possibly infect the scanner or infect other > files/applications on the host? > 2. Is there any built-in sandbox mechanism in ClamAV so that when it > scans a file, the file can be scanned in an isolated environment? > > > > Thank you so much! Looking forward to hearing from you. > > > > Best, > > Jiayi > > > > _______________________________________________ > > clamav-users mailing list > [email protected] > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml >
_______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
