Attenzione
You do not have a menu item pointing to the list all Akeeba Ticket System categories for the Italian (Italy) language. Ticket links may be broken until you add such a menu item.
#4 – can not download
Hi,
thank you for the heads up.
I just finished checking viruses and logs for unusual activities, and everything looks clean.
There was however an issue with the software managing the releases of our components, which made strange errors with the site styles and routing (trying to download the toomanyfiles plugin you would get the little helper package).
This was a strange routing issue which could have raised the flags of your antivirus; however I tested with joomscan, maldet, clamav, nod and avast and everything looks clean.
Would you try again or provide more details to confirm the issue is solved?
Ok then, it's fairly clear now. Please disregard my previous message as the issue described was totally unrelated.
Joomla Little Helper has a "clean cache" feature which deletes the content of the cache folders. In order to achieve max performance on large sites, it tries to use some system functions (namely rm -rf) to delete folders.
Php can be configured to prevent usage of some direct system access calls, so I use an approach which - alas - can be found in viruses too: I test if the functions system, exec etc. are available and if so I use them; after this, I proceed with the standard (and much slower) php functions as a rollback.
This leads me to think it may be a false positive; please let me know what antivirus product you are using so I may investigate further with the producers and create a test case.
It would be extremely easy to remove the direct system calls, but then the clean cache will easily take 10 seconds on a website with moderate traffic, as opposed to 1/100th of a second of the direct system call: would you recommend we release a "small sites only" version without those calls? On most company websites it wouldn't make any difference.
Little Helper's features help mostly while setting up a site, and I think (hope) nobody has been installing 1.5 for quite a while.
Joomla 1.5 sites are often hacked, the version is not mantained since ages, and I guess the JED won't even publish 1.5 versions any longer. Hence there is no J1.5 version planned.
Update: Avast has accepted to include our file in their exclusion list, hopefully this will solve the issue as no other antivirus mark it as infected.