|Main Archive Page > Month Archives > clamav-devel archives|
I noticed the announcement of the bytecode interpreter in the 0.96-rc1
That feature took me utterly by surprise.
Could anyone provide a use-case for it? I'm at a loss as to why a
security tool should allow signature writers to be able to inject
arbitary executable code. (Yes, I know the bytecode has all kinds of
security checks and is limited in what it can do, but so does/did Java
and there were still many bugs found in the Java sandbox.)
And a security tool that requires (or at least can use) a C compiler
at run-time boggles the mind. I guess we either have to install
a C compiler or live with the slower bytecode interpreter.
Why do we need the bytecode interpreter? Can we disable it if we decide
the cons outweigh the pros?