I found some infected files similar to those mentioned in Carsten
Leonhardt's report. So I learnt about the issues with unrar and found
this bug report.
Forwarding this bug upstream resulted in removing support for external
unpackers: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1050#c7
Thus the debian clamav package is - in trying to remain as free as
possible software - not capable to find certain types of virusses.
The approach used until now will no longer work as intended (suggesting
the non-free "unrar" package).
So - at least for the security and reliability of people using Debian to
provide services for people using non-free software (for whatetver
reason):
Can you find a new working solution to enable scanning of these infected
rar files?
Perhaps it might be possible to split out a non-free add-on package
to clamav? If that's not possible, maybe you might create a fork into
clamav-free and clamav (non-free) for that portion of non-free unrar
code?
As long as there is no such solution we as a small ISP using debian
will have to build our clamav packages from source reverting part of the
debian patch.
Hopefully this will change in the near future.
regards
Olaf
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
