Re: [Fwd: PostgreSQL 8.0.0-beta4 Windows 2000

From: Reini Urban <rurban(at)x-ray(dot)at>
To: Magnus Hagander <mha(at)sollentuna(dot)net>
Cc: PostgreSQL Win32 port list <pgsql-hackers-win32(at)postgresql(dot)org>
Subject: Re: [Fwd: PostgreSQL 8.0.0-beta4 Windows 2000
Date: 2004-11-08 15:50:17
Message-ID: 418F95B9.1060407@x-ray.at
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers-win32

Magnus Hagander schrieb:
>>>Magnus is working on something that will print a better failure
>>>message when the virus protection blocks PostgreSQL.
>>
>>Ah, good.
>
> Actually, that's not what I'm doing ATM. I'm trying to solve the actual
> problem, to make sure things work instead.
> (It's not going that well, though... I've implemented the fix I thought
> would fix the problem, but it only fixes some aspects of it. Still
> digging..)
> And it's not AV blocking - it's firewall or internet scanners. I have
> nothing that checks for *file scanners* that are active.

re file scanners I only see vague references to Norton (Symantec) being
bad.
But I am not sure yet. Indeed the worst problems are winsock related.

>>Note that cygwin setup.exe blocks McAfee Shield "AvSynMgr"
>>also to be able to download our packages after an UI dialog.
>
> That's an interesting approach. Does it block *only* McAfee? Or do you
> have a list of other things as well? Something like this might certainly
> be worth putting in the MSI installer, if we cannot workaronud the
> actual problem.
> (And I'd say blocking in the way of kicking up a popup-message that says
> "hey, remove/disable this stuff before you try to install". Not actually
> turning off a different program, that is just *evil*)
>
> I've also been toying with the idea of droppnig an EICAR test virus in
> the DATA directory before install to see if there is an active online AV
> scanner there. But that might not be a good thing in a managed AV
> environment - would set off all sorts of alarms...

For now we just block this McAfee service, but we also had reports for
Norton (Symantec) AntiVir to limit the usability of our app.

Generally, every NT Service that starts with "Norton" or "Symantec" is
considered evil. But not in detail yet.
Of course certain firewalls also, like zonelaram, but you have to search
the cygwin mailinglist archives for exact reports.

AntiVir or F-Prot on-access virus scanners or internet updaters are
considered well-behaving.
--
Reini Urban
http://xarch.tu-graz.ac.at/home/rurban/

In response to

Browse pgsql-hackers-win32 by date

  From Date Subject
Next Message Paul Kirschner 2004-11-09 00:52:00 postgresql 8 beta 4 will not install
Previous Message Magnus Hagander 2004-11-08 15:20:11 Re: Log messages of the server?