false positive virus warning
Andrew Bartlett
abartlet at samba.org
Sat Oct 15 14:33:27 MDT 2011
On Sat, 2011-10-15 at 18:28 +0200, Helmut Hullen wrote:
> Hallo, samba-technical,
>
> I've just got mail from ClamAV:
>
> ============= ClamAV =============
> WARNING:
> /home/src/samba-4.0.0alpha14/wintest/wintest.py: Trojan.BAT.Qhost-1 FOUND
> /home/src/samba-4.0.0alpha14/wintest/wintest.py: moved to '/var/lib/infected/wintest.py'
>
> Seems to depend on a new signatur file - nasty.
I tried to file a bug in their bugzilla about this, with a clear example
and pointing at the incorrect, incredibly lazy 'virus definition', only
to have a number of months pass before begin told I had filed it in the
wrong place.
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2645
I now have very little patience for a 'virus scanner' that triggers on a
single line of source code, used for a legitimate purpose in a free
software project, and cannot re-file the bug report on their own.
If you have the time, please find the right way to deal with the ClamAV
folks, so that this does not trigger again.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list