[clamav-users] Inquiry about ClamAV's usage within sandbox
Yang, Jiayi
jiayy at amazon.com
Tue Mar 22 21:12:57 UTC 2022
Hi ClamAV community,
Hope this email finds you well. I’m writing to inquire about the proper usage of ClamAV and whether it’s suggested to run ClamAV within a sandbox to avoid infecting other files/applications in the host if a malware is detected. I have two main questions:
1. When scanning a given file, will ClamAV only do static analysis(based on signature database) or it will execute the file and analyze its behavior? If the file is a malware and we use ClamAV to scan the file, will it possibly infect the scanner or infect other files/applications on the host?
2. Is there any built-in sandbox mechanism in ClamAV so that when it scans a file, the file can be scanned in an isolated environment?
Thank you so much! Looking forward to hearing from you.
Best,
Jiayi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20220322/ef444b8c/attachment.htm>
More information about the clamav-users
mailing list