Browse code
update manuals
Tomasz Kojm authored on 2010/03/20 01:42:25Showing 5 changed files
- clamscan/clamscan.c
- clamscan/manager.c
- docs/man/clamd.conf.5.in
- docs/man/clamscan.1.in
- shared/optparser.c
| ... | ... |
@@ -216,6 +216,8 @@ void help(void) |
| 216 | 216 |
mprintf(" --include=REGEX Only scan file names matching REGEX\n");
|
| 217 | 217 |
mprintf(" --include-dir=REGEX Only scan directories matching REGEX\n");
|
| 218 | 218 |
mprintf("\n");
|
| 219 |
+ mprintf(" --bytecode[=yes(*)/no] Load bytecode from the database\n");
|
|
| 220 |
+ mprintf(" --bytecode-trust-all[=yes/no(*)] Trust all loaded bytecode\n");
|
|
| 219 | 221 |
mprintf(" --detect-pua[=yes/no(*)] Detect Possibly Unwanted Applications\n");
|
| 220 | 222 |
mprintf(" --exclude-pua=CAT Skip PUA sigs of category CAT\n");
|
| 221 | 223 |
mprintf(" --include-pua=CAT Load PUA sigs of category CAT\n");
|
| ... | ... |
@@ -401,7 +401,7 @@ int scanmanager(const struct optstruct *opts) |
| 401 | 401 |
if(optget(opts, "leave-temps")->enabled) |
| 402 | 402 |
cl_engine_set_num(engine, CL_ENGINE_KEEPTMP, 1); |
| 403 | 403 |
|
| 404 |
- if(optget(opts, "trust-loaded-bytecode")->enabled) |
|
| 404 |
+ if(optget(opts, "bytecode-trust-all")->enabled) |
|
| 405 | 405 |
cl_engine_set_num(engine, CL_ENGINE_BYTECODE_SECURITY, CL_BYTECODE_TRUST_ALL); |
| 406 | 406 |
|
| 407 | 407 |
if((opt = optget(opts, "tempdir"))->enabled) {
|
| ... | ... |
@@ -78,8 +78,11 @@ Default: system specific (usually /tmp or /var/tmp). |
| 78 | 78 |
.TP |
| 79 | 79 |
\fBDatabaseDirectory STRING\fR |
| 80 | 80 |
Path to a directory containing database files. |
| 81 |
+.TP |
|
| 82 |
+\fBOfficialDatabaseOnly BOOL\fR |
|
| 83 |
+Only load the official signatures published by the ClamAV project. |
|
| 81 | 84 |
.br |
| 82 |
-Default: @DBDIR@ |
|
| 85 |
+Default: no |
|
| 83 | 86 |
.TP |
| 84 | 87 |
\fBLocalSocket STRING\fR |
| 85 | 88 |
Path to a local (Unix) socket the daemon will listen on. |
| ... | ... |
@@ -236,7 +239,17 @@ Limit data port range. |
| 236 | 236 |
.br |
| 237 | 237 |
Default: 2048 |
| 238 | 238 |
.TP |
| 239 |
-\fBDetectPUA\fR |
|
| 239 |
+\fBBytecode BOOL\fR |
|
| 240 |
+With this option enabled ClamAV will load bytecode from the database. It is highly recommended you keep this option turned on, otherwise you may miss detections for many new viruses. |
|
| 241 |
+.br |
|
| 242 |
+Default: yes |
|
| 243 |
+.TP |
|
| 244 |
+\fBBytecodeSecurity STRING\fR |
|
| 245 |
+Set bytecode security level. Possible values: \fBNone\fR: no security at all, meant for debugging. DO NOT USE THIS ON PRODUCTION SYSTEMS, \fBTrustSigned\fR: trust bytecode loaded from signed .c[lv]d files and insert runtime safety checks for bytecode loaded from other sources, \fBParanoid\fR: don't trust any bytecode, insert runtime checks for all. The recommended setting is \fBTrustSigned\fR, because bytecode in .cvd files already has safety checks inserted into it. |
|
| 246 |
+.br |
|
| 247 |
+Default: TrustSigned |
|
| 248 |
+.TP |
|
| 249 |
+\fBDetectPUA BOOL\fR |
|
| 240 | 250 |
Detect Possibly Unwanted Applications. |
| 241 | 251 |
.br |
| 242 | 252 |
Default: No |
| ... | ... |
@@ -404,6 +417,11 @@ Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running. |
| 404 | 404 |
.br |
| 405 | 405 |
Default: no |
| 406 | 406 |
.TP |
| 407 |
+\fBClamukoScannerCount NUMBER\fR |
|
| 408 |
+The number of scanner threads that will be started (DazukoFS only). Having multiple scanner threads allows Clamuko to serve multiple processes simultaneously. This is particularly beneficial on SMP machines. |
|
| 409 |
+.br |
|
| 410 |
+Default: 3 |
|
| 411 |
+.TP |
|
| 407 | 412 |
\fBClamukoScanOnOpen BOOL\fR |
| 408 | 413 |
Scan files on open. |
| 409 | 414 |
.br |
| ... | ... |
@@ -78,6 +78,12 @@ Move infected files into DIRECTORY. Directory must be writable for the '@CLAMAVU |
| 78 | 78 |
\fB\-\-copy=DIRECTORY\fR |
| 79 | 79 |
Copy infected files into DIRECTORY. Directory must be writable for the '@CLAMAVUSER@' user or unprivileged user running clamscan. |
| 80 | 80 |
.TP |
| 81 |
+\fB\-\-bytecode[=yes(*)/no]\fR |
|
| 82 |
+With this option enabled ClamAV will load bytecode from the database. It is highly recommended you keep this option turned on, otherwise you may miss detections for many new viruses. |
|
| 83 |
+.TP |
|
| 84 |
+\fB\-\-bytecode\-trust\-all[=yes/no(*)]\fR |
|
| 85 |
+This option disables safety checks and makes ClamAV trust all bytecode. It should only be used for debugging. |
|
| 86 |
+.TP |
|
| 81 | 87 |
\fB\-\-detect\-pua[=yes/no(*)]\fR |
| 82 | 88 |
Detect Possibly Unwanted Applications. |
| 83 | 89 |
.TP |
| ... | ... |
@@ -122,7 +122,7 @@ const struct clam_option __clam_options[] = {
|
| 122 | 122 |
|
| 123 | 123 |
{ NULL, "force-interpreter", 'f', TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMBC, "Force using the interpreter instead of the JIT", "" },
|
| 124 | 124 |
{ NULL, "trust-bytecode", 't', TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_CLAMBC, "Trust loaded bytecode (default yes)", ""},
|
| 125 |
- { NULL, "trust-loaded-bytecode", 't', TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMSCAN, "Trust loaded bytecode (default: only if signed)", ""},
|
|
| 125 |
+ { NULL, "bytecode-trust-all", 't', TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMSCAN, "Trust loaded bytecode (default: only if signed)", ""},
|
|
| 126 | 126 |
{ NULL, "info", 'i', TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMBC, "Load and print bytecode information without executing", ""},
|
| 127 | 127 |
{ NULL, "printsrc", 'p', TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMBC, "Print source code of bytecode", ""},
|
| 128 | 128 |
{ NULL, "input", 'i', TYPE_STRING, NULL, -1, NULL, 0, OPT_CLAMBC, "Input file to run the bytecode n", ""},
|