
clamd.conf 22 KB


  1. ##
  2. ## Example config file for the Clam AV daemon
  3. ## Please read the clamd.conf(5) manual before editing this file.
  4. ##
  5. # Comment or remove the line below.
  6. # Example
  7. # Uncomment this option to enable logging.
  8. # LogFile must be writable for the user running daemon.
  9. # A full path is required.
  10. # Default: disabled
  11. #LogFile /var/log/clamd.<SERVICE>
  12. # By default the log file is locked for writing - the lock protects against
  13. # running clamd multiple times (if you want to run another clamd, please
  14. # copy the configuration file, change the LogFile variable, and run
  15. # the daemon with --config-file option).
  16. # This option disables log file locking.
  17. # Default: no
  18. #LogFileUnlock yes
  19. # Maximum size of the log file.
  20. # Value of 0 disables the limit.
  21. # You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
  22. # and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
  23. # in bytes just don't use modifiers. If LogFileMaxSize is enabled, log
  24. # rotation (the LogRotate option) will always be enabled.
  25. # Default: 1M
  26. #LogFileMaxSize 2M
  27. # Log time with each message.
  28. # Default: no
  29. #LogTime yes
  30. # Also log clean files. Useful in debugging but drastically increases the
  31. # log size.
  32. # Default: no
  33. #LogClean yes
  34. # Use system logger (can work together with LogFile). Enabled below; since LogFile is left commented out in this file, syslog is the only log destination.
  35. # Default: no
  36. LogSyslog yes
  37. # Specify the type of syslog messages - please refer to 'man syslog'
  38. # for facility names.
  39. # Default: LOG_LOCAL6
  40. #LogFacility LOG_MAIL
  41. # Enable verbose logging.
  42. # Default: no
  43. #LogVerbose yes
  44. # Enable log rotation. Always enabled when LogFileMaxSize is enabled.
  45. # Default: no
  46. #LogRotate yes
  47. # Log additional information about the infected file, such as its
  48. # size and hash, together with the virus name.
  49. #ExtendedDetectionInfo yes
  50. # This option allows you to save a process identifier of the listening
  51. # daemon (main thread).
  52. # Default: disabled
  53. #PidFile /var/run/clamd.<SERVICE>/clamd.pid
  54. # Optional path to the global temporary directory.
  55. # Default: system specific (usually /tmp or /var/tmp).
  56. #TemporaryDirectory /var/tmp
  57. # Path to the database directory.
  58. # Default: hardcoded (depends on installation options)
  59. #DatabaseDirectory /var/lib/clamav
  60. # Only load the official signatures published by the ClamAV project.
  61. # Default: no
  62. #OfficialDatabaseOnly no
  63. # The daemon can work in local mode, network mode or both.
  64. # For security reasons we recommend the local mode.
  65. # Path to a local socket file the daemon will listen on. NOTE(review): this path is under /var/lib/clamav, the directory the DatabaseDirectory example in this file names - confirm the socket is meant to live there.
  66. # Default: disabled (must be specified by a user)
  67. LocalSocket /var/lib/clamav/clamd.sock
  68. # Sets the group ownership on the unix socket. Group ownership only limits access once LocalSocketMode removes the permission bits for "other".
  69. # Default: disabled (the primary group of the user running clamd)
  70. LocalSocketGroup clamupdate
  71. # Sets the permissions on the unix socket to the specified mode. NOTE(review): left commented out below, so per the default the socket stays world accessible and any local user can connect to clamd; set a mode such as the 660 shown to make LocalSocketGroup effective.
  72. # Default: disabled (socket is world accessible)
  73. #LocalSocketMode 660
  74. # Remove stale socket after unclean shutdown.
  75. # Default: yes
  76. #FixStaleSocket yes
  77. # TCP port address.
  78. # Default: no
  79. #TCPSocket 3310
  80. # TCP address.
  81. # By default we bind to INADDR_ANY (all interfaces), probably not wise, since the clamd protocol has no authentication of its own.
  82. # Enable the following to provide some degree of protection
  83. # from the outside world. This option can be specified multiple
  84. # times if you want to listen on multiple IPs. IPv6 is now supported.
  85. # Default: no
  86. #TCPAddr 127.0.0.1
  87. # Maximum length the queue of pending connections may grow to.
  88. # Default: 200
  89. #MaxConnectionQueueLength 30
  90. # Clamd uses FTP-like protocol to receive data from remote clients.
  91. # If you are using clamav-milter to balance load between remote clamd daemons
  92. # on firewall servers you may need to tune the options below.
  93. # Close the connection when the data size limit is exceeded.
  94. # The value should match your MTA's limit for a maximum attachment size.
  95. # Default: 25M
  96. #StreamMaxLength 10M
  97. # Limit port range.
  98. # Default: 1024
  99. #StreamMinPort 30000
  100. # Default: 2048
  101. #StreamMaxPort 32000
  102. # Maximum number of threads running at the same time.
  103. # Default: 10
  104. #MaxThreads 20
  105. # Waiting for data from a client socket will timeout after this time (seconds).
  106. # Default: 120
  107. #ReadTimeout 300
  108. # This option specifies the time (in seconds) after which clamd should
  109. # timeout if a client doesn't provide any initial command after connecting.
  110. # Default: 5
  111. #CommandReadTimeout 5
  112. # This option specifies how long to wait (in milliseconds) if the send buffer is full.
  113. # Keep this value low to prevent clamd hanging
  114. #
  115. # Default: 500
  116. #SendBufTimeout 200
  117. # Maximum number of queued items (including those being processed by MaxThreads threads)
  118. # It is recommended to have this value at least twice MaxThreads if possible.
  119. # WARNING: you shouldn't increase this too much to avoid running out of file descriptors,
  120. # the following condition should hold:
  121. # MaxThreads*MaxRecursion + (MaxQueue - MaxThreads) + 6 < RLIMIT_NOFILE (usual max is 1024)
  122. #
  123. # Default: 100
  124. #MaxQueue 200
  125. # Waiting for a new job will timeout after this time (seconds).
  126. # Default: 30
  127. #IdleTimeout 60
  128. # Don't scan files and directories matching regex
  129. # This directive can be used multiple times
  130. # Default: scan all
  131. #ExcludePath ^/proc/
  132. #ExcludePath ^/sys/
  133. # Maximum depth directories are scanned at.
  134. # Default: 15
  135. #MaxDirectoryRecursion 20
  136. # Follow directory symlinks.
  137. # Default: no
  138. #FollowDirectorySymlinks yes
  139. # Follow regular file symlinks.
  140. # Default: no
  141. #FollowFileSymlinks yes
  142. # Scan files and directories on other filesystems.
  143. # Default: yes
  144. #CrossFilesystems yes
  145. # Perform a database check.
  146. # Default: 600 (10 min)
  147. #SelfCheck 600
  148. # Execute a command when virus is found. In the command string %v will
  149. # be replaced with the virus name.
  150. # Default: no
  151. #VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
  152. # Run as another user (clamd must be started by root for this option to work). NOTE(review): 'clamupdate' reads like the signature-update account; if that account can write the database directory, the scanning daemon can too - confirm that a separate scan-only account is not intended.
  153. # Default: don't drop privileges
  154. User clamupdate
  155. # Initialize supplementary group access (clamd must be started by root). With 'yes', clamd also gets every supplementary group of the User above, which widens what it can read; keep those groups minimal.
  156. # Default: no
  157. AllowSupplementaryGroups yes
  158. # Stop daemon when libclamav reports out of memory condition.
  159. #ExitOnOOM yes
  160. # Don't fork into background.
  161. # Default: no
  162. #Foreground yes
  163. # Enable debug messages in libclamav.
  164. # Default: no
  165. #Debug yes
  166. # Do not remove temporary files (for debug purposes).
  167. # Default: no
  168. #LeaveTemporaryFiles yes
  169. # Permit use of the ALLMATCHSCAN command. If set to no, clamd will reject
  170. # any ALLMATCHSCAN command as invalid.
  171. # Default: yes
  172. #AllowAllMatchScan no
  173. # Detect Possibly Unwanted Applications.
  174. # Default: no
  175. #DetectPUA yes
  176. # Exclude a specific PUA category. This directive can be used multiple times.
  177. # See https://github.com/vrtadmin/clamav-faq/blob/master/faq/faq-pua.md for
  178. # the complete list of PUA categories.
  179. # Default: Load all categories (if DetectPUA is activated)
  180. #ExcludePUA NetTool
  181. #ExcludePUA PWTool
  182. # Only include a specific PUA category. This directive can be used multiple
  183. # times.
  184. # Default: Load all categories (if DetectPUA is activated)
  185. #IncludePUA Spy
  186. #IncludePUA Scanner
  187. #IncludePUA RAT
  188. # In some cases (eg. complex malware, exploits in graphic files, and others),
  189. # ClamAV uses special algorithms to provide accurate detection. This option
  190. # controls the algorithmic detection.
  191. # Default: yes
  192. #AlgorithmicDetection yes
  193. # This option causes memory or nested map scans to dump the content to disk.
  194. # If you turn on this option, more data is written to disk and is available
  195. # when the LeaveTemporaryFiles option is enabled.
  196. #ForceToDisk yes
  197. # This option allows you to disable the caching feature of the engine. By
  198. # default, the engine will store an MD5 in a cache of any files that are
  199. # not flagged as virus or that hit limits checks. Disabling the cache will
  200. # have a negative performance impact on large scans.
  201. # Default: no
  202. #DisableCache yes
  203. ##
  204. ## Executable files
  205. ##
  206. # PE stands for Portable Executable - it's an executable file format used
  207. # in all 32 and 64-bit versions of Windows operating systems. This option allows
  208. # ClamAV to perform a deeper analysis of executable files and it's also
  209. # required for decompression of popular executable packers such as UPX, FSG,
  210. # and Petite. If you turn off this option, the original files will still be
  211. # scanned, but without additional processing.
  212. # Default: yes
  213. #ScanPE yes
  214. # Certain PE files contain an authenticode signature. By default, we check
  215. # the signature chain in the PE file against a database of trusted and
  216. # revoked certificates if the file being scanned is marked as a virus.
  217. # If any certificate in the chain validates against any trusted root, but
  218. # does not match any revoked certificate, the file is marked as whitelisted.
  219. # If the file does match a revoked certificate, the file is marked as virus.
  220. # The following setting completely turns off authenticode verification.
  221. # Default: no
  222. #DisableCertCheck yes
  223. # Executable and Linking Format is a standard format for UN*X executables.
  224. # This option allows you to control the scanning of ELF files.
  225. # If you turn off this option, the original files will still be scanned, but
  226. # without additional processing.
  227. # Default: yes
  228. #ScanELF yes
  229. # With this option clamav will try to detect broken executables (both PE and
  230. # ELF) and mark them as Broken.Executable.
  231. # Default: no
  232. #DetectBrokenExecutables yes
  233. ##
  234. ## Documents
  235. ##
  236. # This option enables scanning of OLE2 files, such as Microsoft Office
  237. # documents and .msi files.
  238. # If you turn off this option, the original files will still be scanned, but
  239. # without additional processing.
  240. # Default: yes
  241. #ScanOLE2 yes
  242. # With this option enabled OLE2 files with VBA macros, which were not
  243. # detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros".
  244. # Default: no
  245. #OLE2BlockMacros no
  246. # This option enables scanning within PDF files.
  247. # If you turn off this option, the original files will still be scanned, but
  248. # without decoding and additional processing.
  249. # Default: yes
  250. #ScanPDF yes
  251. # This option enables scanning within SWF files.
  252. # If you turn off this option, the original files will still be scanned, but
  253. # without decoding and additional processing.
  254. # Default: yes
  255. #ScanSWF yes
  256. # This option enables scanning xml-based document files supported by libclamav.
  257. # If you turn off this option, the original files will still be scanned, but
  258. # without additional processing.
  259. # Default: yes
  260. #ScanXMLDOCS yes
  261. # This option enables scanning of HWP3 files.
  262. # If you turn off this option, the original files will still be scanned, but
  263. # without additional processing.
  264. # Default: yes
  265. #ScanHWP3 yes
  266. ##
  267. ## Mail files
  268. ##
  269. # Enable internal e-mail scanner.
  270. # If you turn off this option, the original files will still be scanned, but
  271. # without parsing individual messages/attachments.
  272. # Default: yes
  273. #ScanMail yes
  274. # Scan RFC1341 messages split over many emails.
  275. # You will need to periodically clean up $TemporaryDirectory/clamav-partial directory.
  276. # WARNING: This option may open your system to a DoS attack.
  277. # Never use it on loaded servers.
  278. # Default: no
  279. #ScanPartialMessages yes
  280. # With this option enabled ClamAV will try to detect phishing attempts by using
  281. # signatures.
  282. # Default: yes
  283. #PhishingSignatures yes
  284. # Scan URLs found in mails for phishing attempts using heuristics.
  285. # Default: yes
  286. #PhishingScanURLs yes
  287. # Always block SSL mismatches in URLs, even if the URL isn't in the database.
  288. # This can lead to false positives.
  289. #
  290. # Default: no
  291. #PhishingAlwaysBlockSSLMismatch no
  292. # Always block cloaked URLs, even if URL isn't in database.
  293. # This can lead to false positives.
  294. #
  295. # Default: no
  296. #PhishingAlwaysBlockCloak no
  297. # Detect partition intersections in raw disk images using heuristics.
  298. # Default: no
  299. #PartitionIntersection no
  300. # Allow heuristic match to take precedence.
  301. # When enabled, if a heuristic scan (such as phishingScan) detects
  302. # a possible virus/phish it will stop the scan immediately. Recommended, saves CPU
  303. # scan-time.
  304. # When disabled, virus/phish detected by heuristic scans will be reported only at
  305. # the end of a scan. If an archive contains both a heuristically detected
  306. # virus/phish, and a real malware, the real malware will be reported.
  307. #
  308. # Keep this disabled if you intend to handle "*.Heuristics.*" viruses
  309. # differently from "real" malware.
  310. # If a non-heuristically-detected virus (signature-based) is found first,
  311. # the scan is interrupted immediately, regardless of this config option.
  312. #
  313. # Default: no
  314. #HeuristicScanPrecedence yes
  315. ##
  316. ## Data Loss Prevention (DLP)
  317. ##
  318. # Enable the DLP module
  319. # Default: No
  320. #StructuredDataDetection yes
  321. # This option sets the lowest number of Credit Card numbers found in a file
  322. # to generate a detect.
  323. # Default: 3
  324. #StructuredMinCreditCardCount 5
  325. # This option sets the lowest number of Social Security Numbers found
  326. # in a file to generate a detect.
  327. # Default: 3
  328. #StructuredMinSSNCount 5
  329. # With this option enabled the DLP module will search for valid
  330. # SSNs formatted as xxx-yy-zzzz
  331. # Default: yes
  332. #StructuredSSNFormatNormal yes
  333. # With this option enabled the DLP module will search for valid
  334. # SSNs formatted as xxxyyzzzz
  335. # Default: no
  336. #StructuredSSNFormatStripped yes
  337. ##
  338. ## HTML
  339. ##
  340. # Perform HTML normalisation and decryption of MS Script Encoder code.
  341. # Default: yes
  342. # If you turn off this option, the original files will still be scanned, but
  343. # without additional processing.
  344. #ScanHTML yes
  345. ##
  346. ## Archives
  347. ##
  348. # ClamAV can scan within archives and compressed files.
  349. # If you turn off this option, the original files will still be scanned, but
  350. # without unpacking and additional processing.
  351. # Default: yes
  352. #ScanArchive yes
  353. # Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
  354. # Default: no
  355. #ArchiveBlockEncrypted no
  356. ##
  357. ## Limits
  358. ##
  359. # The options below protect your system against Denial of Service attacks
  360. # using archive bombs.
  361. # This option sets the maximum amount of data to be scanned for each input file.
  362. # Archives and other containers are recursively extracted and scanned up to this
  363. # value.
  364. # Value of 0 disables the limit
  365. # Note: disabling this limit or setting it too high may result in severe damage
  366. # to the system.
  367. # Default: 100M
  368. #MaxScanSize 150M
  369. # Files larger than this limit won't be scanned. Affects the input file itself
  370. # as well as files contained inside it (when the input file is an archive, a
  371. # document or some other kind of container).
  372. # Value of 0 disables the limit.
  373. # Note: disabling this limit or setting it too high may result in severe damage
  374. # to the system.
  375. # Default: 25M
  376. #MaxFileSize 30M
  377. # Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR
  378. # file, all files within it will also be scanned. This option specifies how
  379. # deeply the process should be continued.
  380. # Note: setting this limit too high may result in severe damage to the system.
  381. # Default: 16
  382. #MaxRecursion 10
  383. # Number of files to be scanned within an archive, a document, or any other
  384. # container file.
  385. # Value of 0 disables the limit.
  386. # Note: disabling this limit or setting it too high may result in severe damage
  387. # to the system.
  388. # Default: 10000
  389. #MaxFiles 15000
  390. # Maximum size of a file to check for embedded PE. Files larger than this value
  391. # will skip the additional analysis step.
  392. # Note: disabling this limit or setting it too high may result in severe damage
  393. # to the system.
  394. # Default: 10M
  395. #MaxEmbeddedPE 10M
  396. # Maximum size of a HTML file to normalize. HTML files larger than this value
  397. # will not be normalized or scanned.
  398. # Note: disabling this limit or setting it too high may result in severe damage
  399. # to the system.
  400. # Default: 10M
  401. #MaxHTMLNormalize 10M
  402. # Maximum size of a normalized HTML file to scan. HTML files larger than this
  403. # value after normalization will not be scanned.
  404. # Note: disabling this limit or setting it too high may result in severe damage
  405. # to the system.
  406. # Default: 2M
  407. #MaxHTMLNoTags 2M
  408. # Maximum size of a script file to normalize. Script content larger than this
  409. # value will not be normalized or scanned.
  410. # Note: disabling this limit or setting it too high may result in severe damage
  411. # to the system.
  412. # Default: 5M
  413. #MaxScriptNormalize 5M
  414. # Maximum size of a ZIP file to reanalyze type recognition. ZIP files larger
  415. # than this value will skip the step to potentially reanalyze as PE.
  416. # Note: disabling this limit or setting it too high may result in severe damage
  417. # to the system.
  418. # Default: 1M
  419. #MaxZipTypeRcg 1M
  420. # This option sets the maximum number of partitions of a raw disk image to be scanned.
  421. # Raw disk images with more partitions than this value will have up to the value number
  422. # partitions scanned. Negative values are not allowed.
  423. # Note: setting this limit too high may result in severe damage or impact performance.
  424. # Default: 50
  425. #MaxPartitions 128
  426. # This option sets the maximum number of icons within a PE to be scanned.
  427. # PE files with more icons than this value will have up to the value number icons scanned.
  428. # Negative values are not allowed.
  429. # WARNING: setting this limit too high may result in severe damage or impact performance.
  430. # Default: 100
  431. #MaxIconsPE 200
  432. # This option sets the maximum recursive calls for HWP3 parsing during scanning.
  433. # HWP3 files using more than this limit will be terminated and alert the user.
  434. # Scans will be unable to scan any HWP3 attachments if the recursive limit is reached.
  435. # Negative values are not allowed.
  436. # WARNING: setting this limit too high may result in severe damage or impact performance.
  437. # Default: 16
  438. #MaxRecHWP3 16
  439. # This option sets the maximum calls to the PCRE match function during an instance of regex matching.
  440. # Instances using more than this limit will be terminated and alert the user but the scan will continue.
  441. # For more information on match_limit, see the PCRE documentation.
  442. # Negative values are not allowed.
  443. # WARNING: setting this limit too high may severely impact performance.
  444. # Default: 10000
  445. #PCREMatchLimit 20000
  446. # This option sets the maximum recursive calls to the PCRE match function during an instance of regex matching.
  447. # Instances using more than this limit will be terminated and alert the user but the scan will continue.
  448. # For more information on match_limit_recursion, see the PCRE documentation.
  449. # Negative values are not allowed and values > PCREMatchLimit are superfluous.
  450. # WARNING: setting this limit too high may severely impact performance.
  451. # Default: 5000
  452. #PCRERecMatchLimit 10000
  453. # This option sets the maximum filesize for which PCRE subsigs will be executed.
  454. # Files exceeding this limit will not have PCRE subsigs executed unless a subsig is encompassed to a smaller buffer.
  455. # Negative values are not allowed.
  456. # Setting this value to zero disables the limit.
  457. # WARNING: setting this limit too high or disabling it may severely impact performance.
  458. # Default: 25M
  459. #PCREMaxFileSize 100M
  460. ##
  461. ## On-access Scan Settings
  462. ##
  463. # Enable on-access scanning. Currently, this is supported via fanotify.
  464. # Clamuko/Dazuko support has been deprecated.
  465. # Default: no
  466. #ScanOnAccess yes
  467. # Set the mount point to be scanned. The mount point specified, or the mount point
  468. # containing the specified directory will be watched. If any directories are specified,
  469. # this option will preempt the DDD system. This will notify only. It can be used multiple times.
  470. # (On-access scan only)
  471. # Default: disabled
  472. #OnAccessMountPath /
  473. #OnAccessMountPath /home/user
  474. # Don't scan files larger than OnAccessMaxFileSize
  475. # Value of 0 disables the limit.
  476. # Default: 5M
  477. #OnAccessMaxFileSize 10M
  478. # Set the include paths (all files inside them will be scanned). You can have
  479. # multiple OnAccessIncludePath directives but each directory must be added
  480. # in a separate line. (On-access scan only)
  481. # Default: disabled
  482. #OnAccessIncludePath /home
  483. #OnAccessIncludePath /students
  484. # Set the exclude paths. All subdirectories are also excluded.
  485. # (On-access scan only)
  486. # Default: disabled
  487. #OnAccessExcludePath /home/bofh
  488. # With this option you can whitelist specific UIDs. Processes with these UIDs
  489. # will be able to access all files; their accesses are not scanned or blocked.
  490. # This option can be used multiple times (one per line).
  491. # Default: disabled
  492. #OnAccessExcludeUID 0
  493. # Toggles dynamic directory determination. Allows for recursively watching include paths.
  494. # (On-access scan only)
  495. # Default: no
  496. #OnAccessDisableDDD yes
  497. # Modifies fanotify blocking behaviour when handling permission events.
  498. # If off, fanotify will only notify if the file scanned is a virus,
  499. # and not perform any blocking.
  500. # (On-access scan only)
  501. # Default: no
  502. #OnAccessPrevention yes
  503. # Toggles extra scanning and notifications when a file or directory is created or moved.
  504. # Requires the DDD system to kick-off extra scans.
  505. # (On-access scan only)
  506. # Default: no
  507. #OnAccessExtraScanning yes
  508. ##
  509. ## Bytecode
  510. ##
  511. # With this option enabled ClamAV will load bytecode from the database.
  512. # It is highly recommended you keep this option on, otherwise you'll miss detections for many new viruses.
  513. # Default: yes
  514. #Bytecode yes
  515. # Bytecode mode
  516. #
  517. # This option has been set to 'ForceInterpreter' by default in Fedora due to
  518. # security concerns. You might need to enable the
  519. # 'antivirus_use_jit' SELinux boolean after setting this option to
  520. # the more efficient 'ForceJIT' value.
  521. #
  522. # Default: ForceInterpreter
  523. #ByteCodeMode ForceInterpreter
  524. # Set bytecode security level.
  525. # Possible values:
  526. # None - no security at all, meant for debugging. DO NOT USE THIS ON PRODUCTION SYSTEMS
  527. # This value is only available if clamav was built with --enable-debug!
  528. # TrustSigned - trust bytecode loaded from signed .c[lv]d files,
  529. # insert runtime safety checks for bytecode loaded from other sources
  530. # Paranoid - don't trust any bytecode, insert runtime checks for all
  531. # Recommended: TrustSigned, because bytecode in .cvd files already has these checks
  532. # Note that by default only signed bytecode is loaded, currently you can only
  533. # load unsigned bytecode in --enable-debug mode.
  534. #
  535. # Default: TrustSigned
  536. #BytecodeSecurity TrustSigned
  537. # Set bytecode timeout in milliseconds.
  538. #
  539. # Default: 5000
  540. # BytecodeTimeout 1000
  541. ##
  542. ## Statistics gathering and submitting
  543. ##
  544. # Enable statistical reporting.
  545. # Default: no
  546. #StatsEnabled yes
  547. # Disable submission of individual PE sections for files flagged as malware.
  548. # Default: no
  549. #StatsPEDisabled yes
  550. # HostID in the form of a UUID to use when submitting statistical information.
  551. # Default: auto
  552. #StatsHostID auto
  553. # Time in seconds to wait for the stats server to come back with a response
  554. # Default: 10
  555. #StatsTimeout 10