[Dev] Storing data containing malware in Chandler repository
Heikki Toivonen
heikki at osafoundation.org
Wed Jan 19 12:52:11 PST 2005
As the recent incident with CVS and antivirus software showed, we should
have a plan/answer for the case where Chandler stores data containing
viruses or other malware into the repository. The issue is that if
malware removal tool notices them, and destroys files containing the
offending parts, Chandler must be able to recover gracefully from the
situation.
A simple approach would be to encode all data such that malware removal
tools don't recognize the malware. This is less than optimal, because it
limits the usefulness of the detection tools.
Another option would be to store data, like attachments, in simple files
in their original format. This would require Chandler to be able to
recover from the situation where these files are either modified or
deleted with an external application. This approach has its own set of
drawbacks, like Chandler not being in full control of the data that it
stores.
Mozilla has had issues where, when you receive a virus in email, your
antivirus software may delete all of your mail. I believe most modern
antivirus software understands common mail storing schemes and can
selectively delete only mails containing viruses. But very recently I
have noticed a case where my junk mail feature was disabled by antivirus
software that destroyed files associated with junk detection and junk
folders.
--
Heikki Toivonen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
Url : http://lists.osafoundation.org/pipermail/dev/attachments/20050119/312aaa9a/signature.bin
More information about the Dev
mailing list