Re: [Clamav-users] some little questions
On Wed, 3 Mar 2004 02:10:44 +0100 Rembrandt [EMAIL PROTECTED] wrote: I've 3 little questions but at first I'm sorry couse I dosn't check the archives. :o) 1. Is it possible to improve the BSD-support? Like on-acces-scanning and co? The CVS version supports on-access scanning under FreeBSD. 2. Are there any improvemts planed wich enable clamAV to clean files? Now it just delete them. No. 3. Please don't make a flamewar () but: Why GPL? ClamAV contains a third party GPL software which infects it with the GPL virus :) -- oo. Tomasz Kojm [EMAIL PROTECTED] (\/)\. http://www.ClamAV.net/gpg/tkojm.gpg \..._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Wed Mar 3 11:24:54 CET 2004 pgp0.pgp Description: PGP signature
Re: [Clamav-users] some little questions
On Wed, 2004-03-03 at 02:28, Rembrandt wrote: I know guys wich are working as administrators at a newspaper. They make backups.. yes.. But they make it only for 1 week (couse there's too much data). So they're able to restore all files wich changed since date X. But what's about a virii wich infects the files and waits until a special date? Or what's about logic-bombs? Its not the job of an anti-virus solution to compensate for inadequate backups. This is inadequate because if you may need a file from a month ago your backup solution should be able to deliver that. A weekly rotation is only any good if the files you are backing up will genuinely not be needed for longer than a week. There are plenty of adequate ways to minimise the amount of media needed to perform much longer term backups (for example the Tower of Hanoi method). BMRB International http://www.bmrb.co.uk +44 (0)20 8566 5000 _ This message (and any attachment) is intended only for the recipient and may contain confidential and/or privileged material. If you have received this in error, please contact the sender and delete this message immediately. Disclosure, copying or other action taken in respect of this email or in reliance on it is prohibited. BMRB International Limited accepts no liability in relation to any personal emails, or content of any email which does not directly relate to our business. --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] some little questions
On 03 Mar 2004 07:55:00 + [EMAIL PROTECTED] (Kevin Spicer) wrote: On Wed, 2004-03-03 at 02:28, Rembrandt wrote: I know guys wich are working as administrators at a newspaper. They make backups.. yes.. But they make it only for 1 week (couse there's too much data). So they're able to restore all files wich changed since date X. But what's about a virii wich infects the files and waits until a special date? Or what's about logic-bombs? Its not the job of an anti-virus solution to compensate for inadequate backups. This is inadequate because if you may need a file from a month ago your backup solution should be able to deliver that. A weekly rotation is only any good if the files you are backing up will genuinely not be needed for longer than a week. There are plenty of adequate ways to minimise the amount of media needed to perform much longer term backups (for example the Tower of Hanoi method). I don't angree couse a virus could also infect backups if the virus keep itself secret. And after 14 or 16 months it could destroy all data. Don't say Admins have to. They do their work but they can't fight what they dosn't see. pgp0.pgp Description: PGP signature
Re: [Clamav-users] some little questions
On Wed, 3 Mar 2004 11:28:03 +0100 [EMAIL PROTECTED] (Tomasz Kojm) wrote: On Wed, 3 Mar 2004 02:10:44 +0100 Rembrandt [EMAIL PROTECTED] wrote: I've 3 little questions but at first I'm sorry couse I dosn't check the archives. :o) 1. Is it possible to improve the BSD-support? Like on-acces-scanning and co? The CVS version supports on-access scanning under FreeBSD. 2. Are there any improvemts planed wich enable clamAV to clean files? Now it just delete them. No. 3. Please don't make a flamewar () but: Why GPL? ClamAV contains a third party GPL software which infects it with the GPL virus :) Ok... Wich parts are GPLed? Could you give me a list? If I've a list I'm sure I'm able to find coders to replace the GPLed source with BSDed source. :) Give me a list *cry* :) pgp0.pgp Description: PGP signature
Re: [Clamav-users] some little questions
On Wed, 2004-03-03 at 14:07, Rembrandt wrote: Ok... Wich parts are GPLed? Could you give me a list? If I've a list I'm sure I'm able to find coders to replace the GPLed source with BSDed source. :) I know that the ZZIP library is LPGLed. What's wrong with GPL? (Specifically why is this a problem for you in this case?) Michael Give me a list *cry* :) -- Michael L Torrie [EMAIL PROTECTED] --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] some little questions
On Wed, 03 Mar 2004 15:06:19 -0700 [EMAIL PROTECTED] (Michael L Torrie) wrote: On Wed, 2004-03-03 at 14:07, Rembrandt wrote: Ok... Wich parts are GPLed? Could you give me a list? If I've a list I'm sure I'm able to find coders to replace the GPLed source with BSDed source. :) I know that the ZZIP library is LPGLed. What's wrong with GPL? (Specifically why is this a problem for you in this case?) Michael I think zzip-lib could be replaced with the info-zip http://www.info-zip.org/ is under BSD-like license! :) And info-zip is in use on nBSD. Are there other parts of clamAV witch are GPLed? And Michael I dislike the GPL couse it dosn't set anything FREE. BSD is free, realy free... And now I wont told you any neutral point of view: I dislike (more then dislike hate?) GPL... GPL is just another virus in the net. pgp0.pgp Description: PGP signature
Re: [Clamav-users] some little questions
On Wed, 3 Mar 2004 22:07:33 +0100 Rembrandt [EMAIL PROTECTED] wrote: Ok... Wich parts are GPLed? Could you give me a list? If I've a list I'm sure I'm able to find coders to replace the GPLed source with BSDed source. :) Yeah, sure. Give me a list *cry* :) Sorry but this is a time wasting discussion. -- oo. Tomasz Kojm [EMAIL PROTECTED] (\/)\. http://www.ClamAV.net/gpg/tkojm.gpg \..._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Thu Mar 4 00:42:58 CET 2004 pgp0.pgp Description: PGP signature
[Clamav-users] some little questions
I've 3 little questions but at first I'm sorry couse I dosn't check the archives. :o) 1. Is it possible to improve the BSD-support? Like on-acces-scanning and co? 2. Are there any improvemts planed wich enable clamAV to clean files? Now it just delete them. 3. Please don't make a flamewar () but: Why GPL? I think clamAV could also use a more free license like the BSD-license couse nobody steals something from clamAV. And the reason is easy: All other commercial scanners detects more virii/worms and they could also clean the most files. So why GPL and not BSD-License? I think with the BSD-License clamAV could be more acceptable for more people. Not just all current BSD-OSs (NetBSD, FreeBSD, OpenBSD, MirBSD, MicroBSD...). There much more people wich prefer BSD-Licensed code and wich strictly against GPL (such as Plan9 and other OSs). I hope I see this point as neutral as I'm able to do that. But I repeat: There's no reason for the GPL-License. And now I hope I became a precise answer why ClamAV using the GPL-License and why it can't be under BSD-License. :) MfG. Rembrandt van Rijn p.s. Tomasz (leader) please check your mails! pgp0.pgp Description: PGP signature
Re: [Clamav-users] some little questions
On Wed, 3 Mar 2004, Rembrandt wrote: [...] 2. Are there any improvemts planed wich enable clamAV to clean files? Now it just delete them. I can't speak for anyone but myself, but I don't think that is planned. First of all, some virii may be impossible to clean (some of them destroy the files they infect). Second, some files may be *very* hard to clean since the virii rewrite the binary in order to insert itself and figuring out what the file looked like prior to infection is *not* trivial, so it's a hard problem and to do it requires a lot of time and often specific handling of each individual virus. Third, would you trust a file after it was cleaned? Personally I would not - no matter who cleaned it; clam or some commercial AV vendor doesn't matter, I still wouldn't trust that file. If an infected file is found, the only proper action in my oppinion is to delete the file and then restore a known-good copy from original media or backup. 3. Please don't make a flamewar () but: Why GPL? I think clamAV could also use a more free license like the BSD-license couse nobody steals something from clamAV. And the reason is easy: All other commercial scanners detects more virii/worms and they could also clean the most files. So why GPL and not BSD-License? I think with the BSD-License clamAV could be more acceptable for more people. Not just all current BSD-OSs (NetBSD, FreeBSD, OpenBSD, MirBSD, MicroBSD...). There much more people wich prefer BSD-Licensed code and wich strictly against GPL (such as Plan9 and other OSs). Again, I can only answer this from my own personal point of view - I didn't write the original code so I did not deside the license. My /personal/ oppinion is that the GPL is a better license than the BSD license since it ensures that modifications are contributed back to the ClamAV community. With a BSD license nothing stops someone from incorporating ClamAV in a commercial product without giving anything back. But, that's just my personal oppinion. Hope that was properly flame-proof ;-) -- Jesper Juhl [EMAIL PROTECTED] Systems Administrator, Danmarks Idræts-Forbund / The Danish Sports Federation Please don't top-posthttp://www.catb.org/~esr/jargon/html/T/top-post.html Please send plain text emails only http://www.expita.com/nomime.html --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id56alloc_id438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] some little questions
On Wed, 3 Mar 2004 02:50:15 +0100 (CET) [EMAIL PROTECTED] (Jesper Juhl) wrote: On Wed, 3 Mar 2004, Rembrandt wrote: [...] 2. Are there any improvemts planed wich enable clamAV to clean files? Now it just delete them. I can't speak for anyone but myself, but I don't think that is planned. First of all, some virii may be impossible to clean (some of them destroy the files they infect). Second, some files may be *very* hard to clean since the virii rewrite the binary in order to insert itself and figuring out what the file looked like prior to infection is *not* trivial, so it's a hard problem and to do it requires a lot of time and often specific handling of each individual virus. Third, would you trust a file after it was cleaned? Personally I would not - no matter who cleaned it; clam or some commercial AV vendor doesn't matter, I still wouldn't trust that file. If an infected file is found, the only proper action in my oppinion is to delete the file and then restore a known-good copy from original media or backup. I think you've to wath on both sides of the medal. Yes I would trust cleaned files but why dosn't matter here. The situation you've to think about: What's whenn all possible backups and copies are infected? I know guys wich are working as administrators at a newspaper. They make backups.. yes.. But they make it only for 1 week (couse there's too much data). So they're able to restore all files wich changed since date X. But what's about a virii wich infects the files and waits until a special date? Or what's about logic-bombs? Trust me: I'm able to think about a virii wich is more destructive then all over together. So I think such a function is needed. 3. Please don't make a flamewar () but: Why GPL? I think clamAV could also use a more free license like the BSD-license couse nobody steals something from clamAV. And the reason is easy: All other commercial scanners detects more virii/worms and they could also clean the most files. So why GPL and not BSD-License? I think with the BSD-License clamAV could be more acceptable for more people. Not just all current BSD-OSs (NetBSD, FreeBSD, OpenBSD, MirBSD, MicroBSD...). There much more people wich prefer BSD-Licensed code and wich strictly against GPL (such as Plan9 and other OSs). Again, I can only answer this from my own personal point of view - I didn't write the original code so I did not deside the license. My /personal/ oppinion is that the GPL is a better license than the BSD license since it ensures that modifications are contributed back to the ClamAV community. With a BSD license nothing stops someone from incorporating ClamAV in a commercial product without giving anything back. But, that's just my personal oppinion. Hope that was properly flame-proof;-) Sorry I don't angree to that. It's not true that ALL people will steals this source. Yes with GPL it's a MUST to contribute something back. But I prefer BSD (it could also be BSD-Like, so that every commercial Product must told the user that they use code of clamAV). Why? With GPL companies aren't able to cross-license something. That's a huge problem. Take a look to intel and WLAN-support on *NIX. It's damn... the most normals NICs work but mostly the developers haven't any docs. And why? Couse Intel fears that someone could steal something (so I understand the situation). The other point why GPL isn't usefull: GPL infects other Licenses. If I write something and put it under BSD-License (could also be another license, like the license from plan9 or something else) I can't use GPL-Licensed patches or improvements. When I include such patches/improvements the whoole project goes under GPL. I think that's the reason why BSDs dosn't accept clamAV. Yes it's in the ports but it could be std-software wich is always on each BSD. And I think there a lot of developers outside who will help but who wont accept GPL. I personaly dosn't love the GPL and some guys maybe think I hate the GPL. Maybe.. but if I analyse the situation: There's NO need for GPL couse nobody will steals something. It could be more political... If GPL is the digital socialism BSD would be the great communism. :p Ok just 2 cents from a man who read Marx and others. so please ignore this line and the 3 lines before. :-) Rembrandt pgp0.pgp Description: PGP signature