[clamav-users] freshclam vs sudo freshclam
Al Varnell
alvarnell at mac.com
Thu Sep 6 05:34:24 UTC 2018
A comment concerning Little Snitch. There's a good chance that the LS notification about a code signature violation. There is a known bug in LS 4 that finds problems in properly signed files. The notification gives you the opportunity to copy some information and forward it to LS for analysis. I submitted one for a different app and received the following response:
> Can you please install Little Snitch 4.1.3 Nightly, this should fix this problem:
> https://obdev.at/products/littlesnitch/download-nightly.html <https://obdev.at/products/littlesnitch/download-nightly.html>
And for what it's worth, I have not experienced any such issue when running freshclam (fingers crossed).
I have second hand information that a patch is undergoing tests as we speak, but no clue as to when it might show up.
-Al-
On Wed, Sep 05, 2018 at 10:05 PM, Michael Newman wrote:
>> As previously observed, depending on installation permissions, some of us need sudo and others do not.
>
> Turns out this had nothing to do with permissions and everything to do with Little Snitch.
>
> For reasons that remain a mystery to me, sometime while I was away from home Little Snitch started blocking outgoing traffic from freshclam. (Why wait until I was away?)
>
> By the time I got home, the Little Snitch notification was gone. I didn’t notice the problem until I checked Little Snitch’s unapproved rules. The rule on freshclam is a code signature violation.
>
> I have changed the rule to allow outgoing connections by freshclam. I can now run freshclam as me without error:
>
> MrMuscle:~ mnewman$ freshclam
> ClamAV update process started at Thu Sep 6 12:04:22 2018
> main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
> Downloading daily-24906.cdiff [100%]
> daily.cld updated (version: 24906, sigs: 2076062, f-level: 63, builder: neo)
> bytecode.cvd is up to date (version: 327, sigs: 91, f-level: 63, builder: neo)
> Database updated (6642402 signatures) from db.US.clamav.net <http://db.us.clamav.net/> (IP: 104.16.186.138)
> Clamd successfully notified about the update.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20180905/4f180cc8/attachment.htm>
More information about the clamav-users
mailing list