----- Original Message -----
From: "Jim Henderson"
This is why they're just not a problem here. They can not proliferate like that.
So of course it makes sense to let the infected files lie dormant until someone uses a system like Windows to access them.
Is it a car's responsibility to scan the trunk for bombs? Even if you could add that ability for a mere 100% increase in initial cost, weight, fuel consumption, occupied volume, and ongoing maintenance? Even a mere 10% overhead? Is it your shirt's responsibility to scan every floppy you put in your pocket for viruses? How about thumb drives? Should we build a virus scanner into every usb thumb drive? Why don't SAN/NAS boxes do it? I'm not denying that there are uses for virus scanners. I'm saying the average linux box has better things to do with it's cpu and i/o resources peforming actual useful tasks. If you want to scan everything for virii, then put that into a dedicated appliance on the network between the users and the application host. But I'll partially backpedal. I guess the same argument could be made about routers, spi firewalls, and vpn endpoints. There are hardware appliances for those, and yet there is also a use for doing them in software on the application host too in small sites. And probably SAN/NAS boxes that perform full time all data scanning will actually start appearing. It's just retarded to make the box waste time scanning things it knows cannot possibly contain a virus, or that cannot hurt anything even if they do. It's a bad trade-off, doing work 100% of the time just to protect against 1% chance of a problem. When ImageMagick reads a file, even one created on a windows machine that may contain a virus, I do not need the kernel to scan it for virii. When ImageMagick writes a temp file, I do not need to scan it for virii either at write or read times. When my multi-user database app writes a thousand temp files every minute and does thousands of surgical reads and writes of individual records evey minute I do not need every one of those transactions being scanned for a virus. I most especially do not need the the even more numerous index maintenance ops being scanned. If I wanted to be super nice, just as an over-the-top service to my users, I might possibly install a module into apache and scan all outgoing static and dynamic content as it is served out.
This doesn't seem like a good idea to me, but what do I know - I've only been using computers for nearly 30 years now.
Same here. Just about exactly when I started hacking on my Dads TRS-80's and my school's Apple ][e's and Prime's and my friend's Ti-99a's and C64's Brian K. White brian@aljex.com http://www.myspace.com/KEYofR +++++[>+++[>+++++>+++++++<<-]<-]>>+.>.+++++.+++++++.-.[>+<---]>++. filePro BBx Linux SCO FreeBSD #callahans Satriani Filk! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org