[Mimedefang] Sophie can't detect Yaha-K
Jason Englander
jason at englanders.cc
Thu Jan 2 14:19:01 EST 2003
On Fri, 3 Jan 2003, Dave Shrimpton wrote:
> Problem can be fixed by commenting out code in sophie_init.c
> which sets configuration value SOPHOS_UPX and recompiling sophie.
For those that don't know, UPX (http://upx.sf.net/) is an executable
packer (like PK Lite, Petite, ...). I guess Sophie by default won't
check executables compressed by it. I think sweep (the Sophos
commandline scanner) will because of this option (* = default):
-sc [*] : SWEEP inside dynamically compressed executables
I think an easier way of setting Sophie to scan for those would be to
open up sophie_init.h, find this line:
#define SOPHIE_SOPHOS_UPX "0"
and change the 0 to a 1. Then (re)compile.
I would imagine turning this on comes with the same potential problems
that decompressing any compressed file comes with (a billion 0s, more ram
hogged, etc.).
Jason
--
Jason Englander <jason at englanders.cc>
394F 7E02 C105 7268 777A 3F5A 0AC0 C618 0675 80CA
More information about the MIMEDefang
mailing list