This one time, at band camp, Michael Gilbert said: > clamav seems to think that large zip files should be considered as > infected. oversized seems to be somewhere between 227 and 303 MB. my > lastest scan told me that 3 of my doom 3 game data files are infected. > but the two smaller (on the order of 200 MB) files appear not to be > infected. i am fairly confident that none of these files are truely > infected.
The issue isn't the actual file size, but the compression ratio of the file. This test is designed for archive bombs and the like. If you find that you are getting false positives, you can up the ArchiveMaxCompressionRatio or get rid of ArchiveBlockMax. This is not a false positive, but a configuration setting. I feel like it is fairly clear in the documentation, and yet I get one of these reports every couple of months or so. What can I do to make it more clear that this is configurable? Do you have any suggestions? -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : [EMAIL PROTECTED] | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
signature.asc
Description: Digital signature
