[Mageia-discuss] malware checking on our repositories?

Mattias Kilbo mattiaskilbo at yahoo.se
Mon Mar 14 15:26:16 CET 2011

> > I do not know if we have anything like this already
> but if not:
> > 
> > How about we put some anti malware checking on our
> repositories? So
> > when someone adds or changes a package an automatic
> anti malware check
> > is done.
> Well, what do you propose to setup ?
> Do you have a product that would have detected what
> happened to gentoo ?
> -- Michael Scherer

I do not have deep enough knowledge in packaging to have a setup. But something along the lines of:
A package is uploaded
An automatic test is done with some anti-malware program
If anything suspicious if found the update is set on hold until some "admin" checks the potential malware.

There are some anti virus programs for Linux
And some of them (at least on windows) can find malware in code that is not yet know as malware. I do not know if any of it would have detected the Unreal malware.


More information about the Mageia-discuss mailing list