ClamAV Unofficial Signatures
There are two good approaches to using unofficial signatures on Gentoo (and elsewhere). The first is to use, and the second is to use freshclam itself. The eXtremeSHOK clamav-unofficial-sigs script is not a secure option.
Freshclam now supports https URLs, so if your unofficial signatures are available direct from an http(s) URL, then adding them to freshclam is easy. For example,
# These HTTP mirrors aren't quite official, but I've asked about them
# on the sanesecurity mailing list and someone offered them to the public.
There are only a few downsides to using freshclam:
- Freshclam can't rename the downloaded file, so if the source file is incorrectly named, freshclam will fail to validate it (because clamav won't know how to read it).
- Freshclam only supports http(s), so you're out of luck if your database is only served over rsync.
- There's currently a bug in freshclam that causes it to validate malformed databases, which will crash clamav. So if there's a chance that you'll download a bad database, freshclam may not be the best choice (until that bug is fixed).