llvm dev - Jun 2012 - [LLVMdev] Windows development and "virus" in LLVM test suite

Thanks for your input.  We are getting closer and closer to the final
solution to this issue.  I agree with you, on second thought, that only THE
offending file should be excluded.

If somebody is stupid enough to disable their antivirus or remove it
(namely me), it is their own choice and is not something that all of the
LLVM group has to take part in.

So, I'll make sure the Windows docs very precisely and accurately tell the
user to add that one single file to the ignore list.  Only thing I disagree
about is that I think the exception should be added beforehand; no need to
ask people to disable their antivirus solution if they can add the
exception beforehand.

2012/6/16 Óscar Fuentes <ofv at wanadoo.es>
> Mikael Lyngvig <mikael at lyngvig.org> writes:
>
> > I admit I belong to a small group of not-too-bright people who still
> aspire
> > to use LLVM.  But I kind of see that as a highly valuable feature,
> insofar
> > I convert this fact into something constructive (such as FAQ writing)
:-)
> >
> > I actually did recommend people to disable their antivirus solution
for
> two
> > reasons - the aforementioned "virus" and the speed slowdown
that they'll
> > experience, but then somebody (can't remember who) reacted and
said it
> > wasn't a good idea to recommend people to disable their antivirus
> solution.
>
> I agree about not recommending *people* to disable their antivirus. The
> human beings that work with the LLVM test suite are not "people",
they
> ought to understand the implications of disabling the AV. Moreover, they
> will be happy to have just another reason for not having an active AV
> running on their machines. Quite a few AV packages are worse than most
> of the malware they supposedly protect from.
>
> > However, I see a nifty compromise visualising behind my eyes: Ask the
> user
> > to add the LLVM source and build directories to their virus ignore
list.
> >  This will solve both issues.
>
> No, they shall add the *specific* file that triggers the AV alert to the
> ignore list, otherwise those directories could act as safe harbors for
> malware. It is a good thing to put a warning on the web page that
> explains how to obtain the LLVM test suite about the existence of such
> file and suggesting to disable the AV while checking out the package and
> to add the exception after that.
>
> _______________________________________________
> LLVM Developers mailing list
> LLVMdev at cs.uiuc.edu         http://llvm.cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.llvm.org/pipermail/llvm-dev/attachments/20120616/f8b5e098/attachment.html>

Mikael Lyngvig <mikael at lyngvig.org> writes:
> Thanks for your input.  We are getting closer and closer to the final
> solution to this issue.  I agree with you, on second thought, that only THE
> offending file should be excluded.
>
> If somebody is stupid enough to disable their antivirus or remove it
> (namely me), it is their own choice and is not something that all of the
> LLVM group has to take part in.
Not having an AV or swithching it off at times is not a sign of
stupidity. The best antivirus is a mindful, knowledgeable user. And the
antivirus doesn't really protect you in case of risky behavior.
> So, I'll make sure the Windows docs very precisely and accurately tell
the
> user to add that one single file to the ignore list.  Only thing I disagree
> about is that I think the exception should be added beforehand; no need to
> ask people to disable their antivirus solution if they can add the
> exception beforehand.
Yes, if the antivirus accepts an exception for a yet nonexistent file. I
bet most of them won't do that without fiddling with configuration
files.

>
> Not having an AV or swithching it off at times is not a sign of
> stupidity. The best antivirus is a mindful, knowledgeable user. And the
> antivirus doesn't really protect you in case of risky behavior.
>
I couldn't have said it better myself.  I've had three viruses in 29
years
and only one of them was my own fault. I've spent hours trying to explain
people that trusting an antivirus solution is unfortunate at best.

> Yes, if the antivirus accepts an exception for a yet nonexistent file. I
> bet most of them won't do that without fiddling with configuration
> files.
>
Ok.  You get it your way :-)  Disable antivirus, checkout, and then add the
offending file to the exclusion list.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.llvm.org/pipermail/llvm-dev/attachments/20120616/d306b46f/attachment.html>