[clamav-users] Win.Trojan.Toa-5368540-0 - How many people need to complain before you listen?
Mark Allan
markjallan at gmail.com
Thu Dec 29 13:40:59 UTC 2016
> On 29 Dec 2016, at 12:06 pm, Steve Basford <steveb_clamav at sanesecurity.com> wrote:
>
> In clamscan there is:
>
> --official-db-only[=yes/no(*)] Only load official signatures
>
> in clamd.conf there is:
>
> OfficialDatabaseOnly #Only loading official signatures.
>
> I suppose there could be a:
>
> --3rd-party-db-only=[=yes/no(*)]
>
> and the same thing in clamd.conf.
>
> but this may not then load safebrowsing.cvd.
>
> You may also need to keep daily.ftm as that contains filetypes.
It seems a little overkill to add a new feature for this. Couldn't you just delete the cvd/cld file and prevent freshclam from running? Or better yet, write a wrapper around freshclam so the update still takes place and then unpack the cvd/cld file and delete the bits you don't want to keep.
Mark
More information about the clamav-users
mailing list