Little Snitch 4 Warning

Discussions relating to ClamXav

Moderator: Mark

Little Snitch 4 Warning

Postby alvarnell » Thu 27 Jul 2017 12:27 am

Some users have ask about a warning from the new version of LS:
Little Snitch says freshclam wants to connect to cdn.clamxav.com on TCPport 80 (httP
This process has no code signature. The executable can be maliciously modified without being detected
The "no code signature" message refers to the tool used to perform the download - what it's telling you is that although ClamXAV is signed, one of the download tools used (freshclam) isn't signed. This is perfectly normal and nothing to worry about at all because other mechanisms are in place to detect tampering.

There are plans in place to change this in a future version of ClamXAV so that the whole toolchain is signed.
-Al-
--
iMac(21.5-inch, Mid 2011) 2.8GHz Intel Core i7/OS X 10.10.5, 10.11.6, 10.12.6 & 10.13.6/ClamXAV v3.0.9 (7713)/0.100.2_01
iMac(Retina 5K, 27-inch, 2017) 4.2GHz Intel Core i7/macOS 10.12.6, 10.13.6 & 10.14.3/ClamXAV v3.0.9 (7713)/0.100.2_01
alvarnell
Site Admin
 
Posts: 5507
Joined: Thu 04 Sep 2008 1:18 am
Location: Mountain View, CA, USA

Return to ClamXav

Who is online

Users browsing this forum: No registered users

cron