I had this question a while back, and this is what I was able to track down:
The files are not signed via any PKI trusted by your system, but rather by a
specific RSA key that is trusted by the code itself. If you look in
libclamav/dsig.c, there is an implementation of RSA inspired by
...@megan.vbhcs.org>> wrote:
Baked in.
On 10/24/2018 12:10 PM, Luke Massa wrote:
But what are they signed *by*? If it’s using a public/private keypair, where is
the public key? Is it baked into freshclam/clamd/clamscan somewhere?
- Luke
> On Oct 24, 2018, at 11:59 AM, Noel Jones wrote:
>
> On 10/23/2018 2:17 PM, Luke Massa wrote:
>>
>> In short, i
about the .cvd files.
In short, is there any way I can set up clamav/freshclam and be confident that a
malicious user isn’t adding/removing signatures from the upstream mirrors?
- Luke Massa
___
clamav-users mailing list
clamav-users@lists.clamav.net
http