diff options
Diffstat (limited to 'recipes-security/clamav/clamav-0.99.1/clamd.conf')
-rw-r--r-- | recipes-security/clamav/clamav-0.99.1/clamd.conf | 595 |
1 files changed, 595 insertions, 0 deletions
diff --git a/recipes-security/clamav/clamav-0.99.1/clamd.conf b/recipes-security/clamav/clamav-0.99.1/clamd.conf new file mode 100644 index 0000000..0457785 --- /dev/null +++ b/recipes-security/clamav/clamav-0.99.1/clamd.conf | |||
@@ -0,0 +1,595 @@ | |||
1 | # Uncomment this option to enable logging. | ||
2 | # LogFile must be writable for the user running daemon. | ||
3 | # A full path is required. | ||
4 | # Default: disabled | ||
5 | LogFile /tmp/clamd.log | ||
6 | |||
7 | # By default the log file is locked for writing - the lock protects against | ||
8 | # running clamd multiple times (if want to run another clamd, please | ||
9 | # copy the configuration file, change the LogFile variable, and run | ||
10 | # the daemon with --config-file option). | ||
11 | # This option disables log file locking. | ||
12 | # Default: no | ||
13 | LogFileUnlock yes | ||
14 | |||
15 | # Maximum size of the log file. | ||
16 | # Value of 0 disables the limit. | ||
17 | # You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes) | ||
18 | # and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size | ||
19 | # in bytes just don't use modifiers. If LogFileMaxSize is enabled, log | ||
20 | # rotation (the LogRotate option) will always be enabled. | ||
21 | # Default: 1M | ||
22 | LogFileMaxSize 2M | ||
23 | |||
24 | # Log time with each message. | ||
25 | # Default: no | ||
26 | LogTime yes | ||
27 | |||
28 | # Also log clean files. Useful in debugging but drastically increases the | ||
29 | # log size. | ||
30 | # Default: no | ||
31 | #LogClean yes | ||
32 | |||
33 | # Use system logger (can work together with LogFile). | ||
34 | # Default: no | ||
35 | #LogSyslog yes | ||
36 | |||
37 | # Specify the type of syslog messages - please refer to 'man syslog' | ||
38 | # for facility names. | ||
39 | # Default: LOG_LOCAL6 | ||
40 | #LogFacility LOG_MAIL | ||
41 | |||
42 | # Enable verbose logging. | ||
43 | # Default: no | ||
44 | #LogVerbose yes | ||
45 | |||
46 | # Enable log rotation. Always enabled when LogFileMaxSize is enabled. | ||
47 | # Default: no | ||
48 | #LogRotate yes | ||
49 | |||
50 | # Log additional information about the infected file, such as its | ||
51 | # size and hash, together with the virus name. | ||
52 | ExtendedDetectionInfo yes | ||
53 | |||
54 | # This option allows you to save a process identifier of the listening | ||
55 | # daemon (main thread). | ||
56 | # Default: disabled | ||
57 | PidFile /var/run/clamd.pid | ||
58 | |||
59 | # Optional path to the global temporary directory. | ||
60 | # Default: system specific (usually /tmp or /var/tmp). | ||
61 | TemporaryDirectory /var/tmp | ||
62 | |||
63 | # Path to the database directory. | ||
64 | # Default: hardcoded (depends on installation options) | ||
65 | DatabaseDirectory /var/lib/clamav | ||
66 | |||
67 | # Only load the official signatures published by the ClamAV project. | ||
68 | # Default: no | ||
69 | #OfficialDatabaseOnly no | ||
70 | |||
71 | # The daemon can work in local mode, network mode or both. | ||
72 | # Due to security reasons we recommend the local mode. | ||
73 | |||
74 | # Path to a local socket file the daemon will listen on. | ||
75 | # Default: disabled (must be specified by a user) | ||
76 | LocalSocket /tmp/clamd.socket | ||
77 | |||
78 | # Sets the group ownership on the unix socket. | ||
79 | # Default: disabled (the primary group of the user running clamd) | ||
80 | #LocalSocketGroup virusgroup | ||
81 | |||
82 | # Sets the permissions on the unix socket to the specified mode. | ||
83 | # Default: disabled (socket is world accessible) | ||
84 | #LocalSocketMode 660 | ||
85 | |||
86 | # Remove stale socket after unclean shutdown. | ||
87 | # Default: yes | ||
88 | #FixStaleSocket yes | ||
89 | |||
90 | # TCP port address. | ||
91 | # Default: no | ||
92 | #TCPSocket 3310 | ||
93 | |||
94 | # TCP address. | ||
95 | # By default we bind to INADDR_ANY, probably not wise. | ||
96 | # Enable the following to provide some degree of protection | ||
97 | # from the outside world. This option can be specified multiple | ||
98 | # times if you want to listen on multiple IPs. IPv6 is now supported. | ||
99 | # Default: no | ||
100 | #TCPAddr 127.0.0.1 | ||
101 | |||
102 | # Maximum length the queue of pending connections may grow to. | ||
103 | # Default: 200 | ||
104 | #MaxConnectionQueueLength 30 | ||
105 | |||
106 | # Clamd uses FTP-like protocol to receive data from remote clients. | ||
107 | # If you are using clamav-milter to balance load between remote clamd daemons | ||
108 | # on firewall servers you may need to tune the options below. | ||
109 | |||
110 | # Close the connection when the data size limit is exceeded. | ||
111 | # The value should match your MTA's limit for a maximum attachment size. | ||
112 | # Default: 25M | ||
113 | #StreamMaxLength 10M | ||
114 | |||
115 | # Limit port range. | ||
116 | # Default: 1024 | ||
117 | #StreamMinPort 30000 | ||
118 | # Default: 2048 | ||
119 | #StreamMaxPort 32000 | ||
120 | |||
121 | # Maximum number of threads running at the same time. | ||
122 | # Default: 10 | ||
123 | #MaxThreads 20 | ||
124 | |||
125 | # Waiting for data from a client socket will timeout after this time (seconds). | ||
126 | # Default: 120 | ||
127 | #ReadTimeout 300 | ||
128 | |||
129 | # This option specifies the time (in seconds) after which clamd should | ||
130 | # timeout if a client doesn't provide any initial command after connecting. | ||
131 | # Default: 5 | ||
132 | #CommandReadTimeout 5 | ||
133 | |||
134 | # This option specifies how long to wait (in miliseconds) if the send buffer is full. | ||
135 | # Keep this value low to prevent clamd hanging | ||
136 | # | ||
137 | # Default: 500 | ||
138 | #SendBufTimeout 200 | ||
139 | |||
140 | # Maximum number of queued items (including those being processed by MaxThreads threads) | ||
141 | # It is recommended to have this value at least twice MaxThreads if possible. | ||
142 | # WARNING: you shouldn't increase this too much to avoid running out of file descriptors, | ||
143 | # the following condition should hold: | ||
144 | # MaxThreads*MaxRecursion + (MaxQueue - MaxThreads) + 6< RLIMIT_NOFILE (usual max is 1024) | ||
145 | # | ||
146 | # Default: 100 | ||
147 | #MaxQueue 200 | ||
148 | |||
149 | # Waiting for a new job will timeout after this time (seconds). | ||
150 | # Default: 30 | ||
151 | #IdleTimeout 60 | ||
152 | |||
153 | # Don't scan files and directories matching regex | ||
154 | # This directive can be used multiple times | ||
155 | # Default: scan all | ||
156 | #ExcludePath ^/proc/ | ||
157 | #ExcludePath ^/sys/ | ||
158 | |||
159 | # Maximum depth directories are scanned at. | ||
160 | # Default: 15 | ||
161 | #MaxDirectoryRecursion 20 | ||
162 | |||
163 | # Follow directory symlinks. | ||
164 | # Default: no | ||
165 | #FollowDirectorySymlinks yes | ||
166 | |||
167 | # Follow regular file symlinks. | ||
168 | # Default: no | ||
169 | #FollowFileSymlinks yes | ||
170 | |||
171 | # Scan files and directories on other filesystems. | ||
172 | # Default: yes | ||
173 | #CrossFilesystems yes | ||
174 | |||
175 | # Perform a database check. | ||
176 | # Default: 600 (10 min) | ||
177 | #SelfCheck 600 | ||
178 | |||
179 | # Execute a command when virus is found. In the command string %v will | ||
180 | # be replaced with the virus name. | ||
181 | # Default: no | ||
182 | #VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v" | ||
183 | |||
184 | # Run as another user (clamd must be started by root for this option to work) | ||
185 | # Default: don't drop privileges | ||
186 | User clamav | ||
187 | |||
188 | # Initialize supplementary group access (clamd must be started by root). | ||
189 | # Default: no | ||
190 | #AllowSupplementaryGroups no | ||
191 | |||
192 | # Stop daemon when libclamav reports out of memory condition. | ||
193 | #ExitOnOOM yes | ||
194 | |||
195 | # Don't fork into background. | ||
196 | # Default: no | ||
197 | #Foreground yes | ||
198 | |||
199 | # Enable debug messages in libclamav. | ||
200 | # Default: no | ||
201 | #Debug yes | ||
202 | |||
203 | # Do not remove temporary files (for debug purposes). | ||
204 | # Default: no | ||
205 | #LeaveTemporaryFiles yes | ||
206 | |||
207 | # Permit use of the ALLMATCHSCAN command. If set to no, clamd will reject | ||
208 | # any ALLMATCHSCAN command as invalid. | ||
209 | # Default: yes | ||
210 | #AllowAllMatchScan no | ||
211 | |||
212 | # Detect Possibly Unwanted Applications. | ||
213 | # Default: no | ||
214 | #DetectPUA yes | ||
215 | |||
216 | # Exclude a specific PUA category. This directive can be used multiple times. | ||
217 | # See https://github.com/vrtadmin/clamav-faq/blob/master/faq/faq-pua.md for | ||
218 | # the complete list of PUA categories. | ||
219 | # Default: Load all categories (if DetectPUA is activated) | ||
220 | #ExcludePUA NetTool | ||
221 | #ExcludePUA PWTool | ||
222 | |||
223 | # Only include a specific PUA category. This directive can be used multiple | ||
224 | # times. | ||
225 | # Default: Load all categories (if DetectPUA is activated) | ||
226 | #IncludePUA Spy | ||
227 | #IncludePUA Scanner | ||
228 | #IncludePUA RAT | ||
229 | |||
230 | # In some cases (eg. complex malware, exploits in graphic files, and others), | ||
231 | # ClamAV uses special algorithms to provide accurate detection. This option | ||
232 | # controls the algorithmic detection. | ||
233 | # Default: yes | ||
234 | #AlgorithmicDetection yes | ||
235 | |||
236 | # This option causes memory or nested map scans to dump the content to disk. | ||
237 | # If you turn on this option, more data is written to disk and is available | ||
238 | # when the LeaveTemporaryFiles option is enabled. | ||
239 | #ForceToDisk yes | ||
240 | |||
241 | # This option allows you to disable the caching feature of the engine. By | ||
242 | # default, the engine will store an MD5 in a cache of any files that are | ||
243 | # not flagged as virus or that hit limits checks. Disabling the cache will | ||
244 | # have a negative performance impact on large scans. | ||
245 | # Default: no | ||
246 | #DisableCache yes | ||
247 | |||
248 | ## | ||
249 | ## Executable files | ||
250 | ## | ||
251 | |||
252 | # PE stands for Portable Executable - it's an executable file format used | ||
253 | # in all 32 and 64-bit versions of Windows operating systems. This option allows | ||
254 | # ClamAV to perform a deeper analysis of executable files and it's also | ||
255 | # required for decompression of popular executable packers such as UPX, FSG, | ||
256 | # and Petite. If you turn off this option, the original files will still be | ||
257 | # scanned, but without additional processing. | ||
258 | # Default: yes | ||
259 | #ScanPE yes | ||
260 | |||
261 | # Certain PE files contain an authenticode signature. By default, we check | ||
262 | # the signature chain in the PE file against a database of trusted and | ||
263 | # revoked certificates if the file being scanned is marked as a virus. | ||
264 | # If any certificate in the chain validates against any trusted root, but | ||
265 | # does not match any revoked certificate, the file is marked as whitelisted. | ||
266 | # If the file does match a revoked certificate, the file is marked as virus. | ||
267 | # The following setting completely turns off authenticode verification. | ||
268 | # Default: no | ||
269 | #DisableCertCheck yes | ||
270 | |||
271 | # Executable and Linking Format is a standard format for UN*X executables. | ||
272 | # This option allows you to control the scanning of ELF files. | ||
273 | # If you turn off this option, the original files will still be scanned, but | ||
274 | # without additional processing. | ||
275 | # Default: yes | ||
276 | #ScanELF yes | ||
277 | |||
278 | # With this option clamav will try to detect broken executables (both PE and | ||
279 | # ELF) and mark them as Broken.Executable. | ||
280 | # Default: no | ||
281 | #DetectBrokenExecutables yes | ||
282 | |||
283 | |||
284 | ## | ||
285 | ## Documents | ||
286 | ## | ||
287 | |||
288 | # This option enables scanning of OLE2 files, such as Microsoft Office | ||
289 | # documents and .msi files. | ||
290 | # If you turn off this option, the original files will still be scanned, but | ||
291 | # without additional processing. | ||
292 | # Default: yes | ||
293 | #ScanOLE2 yes | ||
294 | |||
295 | # With this option enabled OLE2 files with VBA macros, which were not | ||
296 | # detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros". | ||
297 | # Default: no | ||
298 | #OLE2BlockMacros no | ||
299 | |||
300 | # This option enables scanning within PDF files. | ||
301 | # If you turn off this option, the original files will still be scanned, but | ||
302 | # without decoding and additional processing. | ||
303 | # Default: yes | ||
304 | #ScanPDF yes | ||
305 | |||
306 | # This option enables scanning within SWF files. | ||
307 | # If you turn off this option, the original files will still be scanned, but | ||
308 | # without decoding and additional processing. | ||
309 | # Default: yes | ||
310 | #ScanSWF yes | ||
311 | |||
312 | |||
313 | ## | ||
314 | ## Mail files | ||
315 | ## | ||
316 | |||
317 | # Enable internal e-mail scanner. | ||
318 | # If you turn off this option, the original files will still be scanned, but | ||
319 | # without parsing individual messages/attachments. | ||
320 | # Default: yes | ||
321 | #ScanMail yes | ||
322 | |||
323 | # Scan RFC1341 messages split over many emails. | ||
324 | # You will need to periodically clean up $TemporaryDirectory/clamav-partial directory. | ||
325 | # WARNING: This option may open your system to a DoS attack. | ||
326 | # Never use it on loaded servers. | ||
327 | # Default: no | ||
328 | #ScanPartialMessages yes | ||
329 | |||
330 | # With this option enabled ClamAV will try to detect phishing attempts by using | ||
331 | # signatures. | ||
332 | # Default: yes | ||
333 | #PhishingSignatures yes | ||
334 | |||
335 | # Scan URLs found in mails for phishing attempts using heuristics. | ||
336 | # Default: yes | ||
337 | #PhishingScanURLs yes | ||
338 | |||
339 | # Always block SSL mismatches in URLs, even if the URL isn't in the database. | ||
340 | # This can lead to false positives. | ||
341 | # | ||
342 | # Default: no | ||
343 | #PhishingAlwaysBlockSSLMismatch no | ||
344 | |||
345 | # Always block cloaked URLs, even if URL isn't in database. | ||
346 | # This can lead to false positives. | ||
347 | # | ||
348 | # Default: no | ||
349 | #PhishingAlwaysBlockCloak no | ||
350 | |||
351 | # Detect partition intersections in raw disk images using heuristics. | ||
352 | # Default: no | ||
353 | #PartitionIntersection no | ||
354 | |||
355 | # Allow heuristic match to take precedence. | ||
356 | # When enabled, if a heuristic scan (such as phishingScan) detects | ||
357 | # a possible virus/phish it will stop scan immediately. Recommended, saves CPU | ||
358 | # scan-time. | ||
359 | # When disabled, virus/phish detected by heuristic scans will be reported only at | ||
360 | # the end of a scan. If an archive contains both a heuristically detected | ||
361 | # virus/phish, and a real malware, the real malware will be reported | ||
362 | # | ||
363 | # Keep this disabled if you intend to handle "*.Heuristics.*" viruses | ||
364 | # differently from "real" malware. | ||
365 | # If a non-heuristically-detected virus (signature-based) is found first, | ||
366 | # the scan is interrupted immediately, regardless of this config option. | ||
367 | # | ||
368 | # Default: no | ||
369 | #HeuristicScanPrecedence yes | ||
370 | |||
371 | |||
372 | ## | ||
373 | ## Data Loss Prevention (DLP) | ||
374 | ## | ||
375 | |||
376 | # Enable the DLP module | ||
377 | # Default: No | ||
378 | #StructuredDataDetection yes | ||
379 | |||
380 | # This option sets the lowest number of Credit Card numbers found in a file | ||
381 | # to generate a detect. | ||
382 | # Default: 3 | ||
383 | #StructuredMinCreditCardCount 5 | ||
384 | |||
385 | # This option sets the lowest number of Social Security Numbers found | ||
386 | # in a file to generate a detect. | ||
387 | # Default: 3 | ||
388 | #StructuredMinSSNCount 5 | ||
389 | |||
390 | # With this option enabled the DLP module will search for valid | ||
391 | # SSNs formatted as xxx-yy-zzzz | ||
392 | # Default: yes | ||
393 | #StructuredSSNFormatNormal yes | ||
394 | |||
395 | # With this option enabled the DLP module will search for valid | ||
396 | # SSNs formatted as xxxyyzzzz | ||
397 | # Default: no | ||
398 | #StructuredSSNFormatStripped yes | ||
399 | |||
400 | |||
401 | ## | ||
402 | ## HTML | ||
403 | ## | ||
404 | |||
405 | # Perform HTML normalisation and decryption of MS Script Encoder code. | ||
406 | # Default: yes | ||
407 | # If you turn off this option, the original files will still be scanned, but | ||
408 | # without additional processing. | ||
409 | #ScanHTML yes | ||
410 | |||
411 | |||
412 | ## | ||
413 | ## Archives | ||
414 | ## | ||
415 | |||
416 | # ClamAV can scan within archives and compressed files. | ||
417 | # If you turn off this option, the original files will still be scanned, but | ||
418 | # without unpacking and additional processing. | ||
419 | # Default: yes | ||
420 | #ScanArchive yes | ||
421 | |||
422 | # Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR). | ||
423 | # Default: no | ||
424 | #ArchiveBlockEncrypted no | ||
425 | |||
426 | |||
427 | ## | ||
428 | ## Limits | ||
429 | ## | ||
430 | |||
431 | # The options below protect your system against Denial of Service attacks | ||
432 | # using archive bombs. | ||
433 | |||
434 | # This option sets the maximum amount of data to be scanned for each input file. | ||
435 | # Archives and other containers are recursively extracted and scanned up to this | ||
436 | # value. | ||
437 | # Value of 0 disables the limit | ||
438 | # Note: disabling this limit or setting it too high may result in severe damage | ||
439 | # to the system. | ||
440 | # Default: 100M | ||
441 | #MaxScanSize 150M | ||
442 | |||
443 | # Files larger than this limit won't be scanned. Affects the input file itself | ||
444 | # as well as files contained inside it (when the input file is an archive, a | ||
445 | # document or some other kind of container). | ||
446 | # Value of 0 disables the limit. | ||
447 | # Note: disabling this limit or setting it too high may result in severe damage | ||
448 | # to the system. | ||
449 | # Default: 25M | ||
450 | #MaxFileSize 30M | ||
451 | |||
452 | # Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR | ||
453 | # file, all files within it will also be scanned. This options specifies how | ||
454 | # deeply the process should be continued. | ||
455 | # Note: setting this limit too high may result in severe damage to the system. | ||
456 | # Default: 16 | ||
457 | #MaxRecursion 10 | ||
458 | |||
459 | # Number of files to be scanned within an archive, a document, or any other | ||
460 | # container file. | ||
461 | # Value of 0 disables the limit. | ||
462 | # Note: disabling this limit or setting it too high may result in severe damage | ||
463 | # to the system. | ||
464 | # Default: 10000 | ||
465 | #MaxFiles 15000 | ||
466 | |||
467 | # Maximum size of a file to check for embedded PE. Files larger than this value | ||
468 | # will skip the additional analysis step. | ||
469 | # Note: disabling this limit or setting it too high may result in severe damage | ||
470 | # to the system. | ||
471 | # Default: 10M | ||
472 | #MaxEmbeddedPE 10M | ||
473 | |||
474 | # Maximum size of a HTML file to normalize. HTML files larger than this value | ||
475 | # will not be normalized or scanned. | ||
476 | # Note: disabling this limit or setting it too high may result in severe damage | ||
477 | # to the system. | ||
478 | # Default: 10M | ||
479 | #MaxHTMLNormalize 10M | ||
480 | |||
481 | # Maximum size of a normalized HTML file to scan. HTML files larger than this | ||
482 | # value after normalization will not be scanned. | ||
483 | # Note: disabling this limit or setting it too high may result in severe damage | ||
484 | # to the system. | ||
485 | # Default: 2M | ||
486 | #MaxHTMLNoTags 2M | ||
487 | |||
488 | # Maximum size of a script file to normalize. Script content larger than this | ||
489 | # value will not be normalized or scanned. | ||
490 | # Note: disabling this limit or setting it too high may result in severe damage | ||
491 | # to the system. | ||
492 | # Default: 5M | ||
493 | #MaxScriptNormalize 5M | ||
494 | |||
495 | # Maximum size of a ZIP file to reanalyze type recognition. ZIP files larger | ||
496 | # than this value will skip the step to potentially reanalyze as PE. | ||
497 | # Note: disabling this limit or setting it too high may result in severe damage | ||
498 | # to the system. | ||
499 | # Default: 1M | ||
500 | #MaxZipTypeRcg 1M | ||
501 | |||
502 | # This option sets the maximum number of partitions of a raw disk image to be scanned. | ||
503 | # Raw disk images with more partitions than this value will have up to the value number | ||
504 | # partitions scanned. Negative values are not allowed. | ||
505 | # Note: setting this limit too high may result in severe damage or impact performance. | ||
506 | # Default: 50 | ||
507 | #MaxPartitions 128 | ||
508 | |||
509 | # This option sets the maximum number of icons within a PE to be scanned. | ||
510 | # PE files with more icons than this value will have up to the value number icons scanned. | ||
511 | # Negative values are not allowed. | ||
512 | # WARNING: setting this limit too high may result in severe damage or impact performance. | ||
513 | # Default: 100 | ||
514 | #MaxIconsPE 200 | ||
515 | |||
516 | ## | ||
517 | ## On-access Scan Settings | ||
518 | ## | ||
519 | |||
520 | # Enable on-access scanning. Currently, this is supported via fanotify. | ||
521 | # Clamuko/Dazuko support has been deprecated. | ||
522 | # Default: no | ||
523 | #ScanOnAccess yes | ||
524 | |||
525 | # Don't scan files larger than OnAccessMaxFileSize | ||
526 | # Value of 0 disables the limit. | ||
527 | # Default: 5M | ||
528 | #OnAccessMaxFileSize 10M | ||
529 | |||
530 | # Set the include paths (all files inside them will be scanned). You can have | ||
531 | # multiple OnAccessIncludePath directives but each directory must be added | ||
532 | # in a separate line. (On-access scan only) | ||
533 | # Default: disabled | ||
534 | #OnAccessIncludePath /home | ||
535 | #OnAccessIncludePath /students | ||
536 | |||
537 | # Set the exclude paths. All subdirectories are also excluded. | ||
538 | # (On-access scan only) | ||
539 | # Default: disabled | ||
540 | #OnAccessExcludePath /home/bofh | ||
541 | |||
542 | # With this option you can whitelist specific UIDs. Processes with these UIDs | ||
543 | # will be able to access all files. | ||
544 | # This option can be used multiple times (one per line). | ||
545 | # Default: disabled | ||
546 | #OnAccessExcludeUID 0 | ||
547 | |||
548 | |||
549 | ## | ||
550 | ## Bytecode | ||
551 | ## | ||
552 | |||
553 | # With this option enabled ClamAV will load bytecode from the database. | ||
554 | # It is highly recommended you keep this option on, otherwise you'll miss detections for many new viruses. | ||
555 | # Default: yes | ||
556 | #Bytecode yes | ||
557 | |||
558 | # Set bytecode security level. | ||
559 | # Possible values: | ||
560 | # None - no security at all, meant for debugging. DO NOT USE THIS ON PRODUCTION SYSTEMS | ||
561 | # This value is only available if clamav was built with --enable-debug! | ||
562 | # TrustSigned - trust bytecode loaded from signed .c[lv]d files, | ||
563 | # insert runtime safety checks for bytecode loaded from other sources | ||
564 | # Paranoid - don't trust any bytecode, insert runtime checks for all | ||
565 | # Recommended: TrustSigned, because bytecode in .cvd files already has these checks | ||
566 | # Note that by default only signed bytecode is loaded, currently you can only | ||
567 | # load unsigned bytecode in --enable-debug mode. | ||
568 | # | ||
569 | # Default: TrustSigned | ||
570 | #BytecodeSecurity TrustSigned | ||
571 | |||
572 | # Set bytecode timeout in miliseconds. | ||
573 | # | ||
574 | # Default: 5000 | ||
575 | # BytecodeTimeout 1000 | ||
576 | |||
577 | ## | ||
578 | ## Statistics gathering and submitting | ||
579 | ## | ||
580 | |||
581 | # Enable statistical reporting. | ||
582 | # Default: no | ||
583 | #StatsEnabled yes | ||
584 | |||
585 | # Disable submission of individual PE sections for files flagged as malware. | ||
586 | # Default: no | ||
587 | #StatsPEDisabled yes | ||
588 | |||
589 | # HostID in the form of an UUID to use when submitting statistical information. | ||
590 | # Default: auto | ||
591 | #StatsHostID auto | ||
592 | |||
593 | # Time in seconds to wait for the stats server to come back with a response | ||
594 | # Default: 10 | ||
595 | #StatsTimeout 10 | ||