Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Date: Tue, 11 Jan 2005 07:47:57 +0100
From: Walter Garcia-Fontes <walter DOT garcia AT upf DOT edu>
To: cygwin AT cygwin DOT com
Subject: Re: cygcrypt-0.dll infected
Message-ID: <20050111064757.GA2752@upf.edu>
Mail-Followup-To: cygwin AT cygwin DOT com
References: <41E2DCC4 DOT 1060506 AT watchmark DOT com> <Pine DOT GSO DOT 4 DOT 61 DOT 0501101526330 DOT 24510 AT slinky DOT cs DOT nyu DOT edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.GSO.4.61.0501101526330.24510@slinky.cs.nyu.edu>
User-Agent: Mutt/1.4i
X-URL: http://puna.upf.edu
X-imss-version: 2.8
X-imss-result: Passed
X-imss-approveListMatch: *@upf.edu
X-IsSubscribed: yes
Note-from-DJ: This may be spam

* Igor Pechtchanski <pechtcha AT cs DOT nyu DOT edu> [050110 21:39]:
> It's amazing how many people use broken anti-virus software, judging by
> the number of times this was reported.  The real solution is to get the
> anti-virus patterns fixed.  One workaround that was suggested was to
> recompile libcrypt, which removes the pattern (one can assume that the
> pattern just happened to coincide with the DLL's date stamp -- go figure).
> 

I agree completely, and reported the false positive to Trend Micro.
Since using it is a corporate decision in my site it's hard that I
will be able to move away from it.

> I'm half-tempted to suggest leaving the package as-is, just to force
> people to complain to their anti-virus provider.  Unfortunately, all these
> complaints are more likely to go to this list, thus rivaling the traffic
> in the "obscenity of cygwin" thread (and we can't have that, can we?).
> 

I also agree to leave the package as is and let Trend Micro decide if
it's worth to keep this false positive. In the meantime if recompiling
crypt fixes the problem, this is a good solution for users such as
myself who have to live with officescan antivirus. 

> So, provided Corinna has the time and the inclination to build crypt-1.1-2
> (identical to 1.1-1, but recompiled) and send it by private mail, can we
> have a volunteer with a broken anti-virus to test this new version of
> libcrypt?  If that shuts the anti-virus up, the path of least resistance
> would be to release the new package...

I volunteer for that.

-- 
Walter Garcia-Fontes               
Barcelona


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/