Forum OpenACS Q&A: File storage module concern

Collapse
Posted by Andrew Smith on
Hi,
There is a general concern among the people I have met. If file storage module is used with in an organization then how to integrate it with an antivirus so that affected files are not uploaded. Any discussion or solution around this topic would be greatly appreciated
Regards
Collapse
Posted by Jun Yamog on
hire4 acs, (weird name)

Just set your file storage to store the files in the file system.  Have your anti-virus scan at [oacs_root]/content-repository-content-files.  Now you only have to scan in a central repository.

Also you can modify file storage for your own needs.  Before creating the content item on the folder scan the uploaded temp file.  Another  solution is make a list in file or db of the files that are uploaded to the file-storage.  The anti virus will run on the list and will then purge the list.

Collapse
Posted by Andrew Smith on
Hi simon,
I got your mail but I dont see your posting here . Why ?
We are trying to implement an intranet based on 3.4.5 openacs in an organization. These people use windows as their desktop clients.
They would be accessing the filestorage module of our intranet using IE and upload and download files. What happens now is if there is an virus affected desktop and a virus affected file is uploaded from that macine and downloaded to other machines then there is a problem .
What we are looking forward to is a yahoo style virus check mechanism where we can have the uploaded files checked for virus and inform the user that the file uploaded by him contains virus and will be deleted by the system and please upload a virus free file .
Regards.

========================= Simon wrote : Urm... well a virus can only do any harm if its actually run! I've never heard of a virus that sits in an unexecutable file and magically jumps to life
And even if so, why not just run a virus scan on the uploaded file? And, why am I talking about this I don't have a windows box???????? and OpenACS barely runs on it anyway.
Collapse
Posted by Simon at TCB on
Hi,

I have no idea what happened to my posting! Having said that the whole new forum stuff seems to be a bit shaky at the moment, so perhaps its a victim of some initial gremlins...probably based on forums package not bboard... dunno though.

Anyway, I see no reason why you can't run a virus checker locally that scans inbound files and accepts/rejects them. I didn't realise thats all you wanted to do.

Surely then its just case of installing your favourite, corporate, super-sanitation-virus-sweeper thingumy...

Actually I am the only one who wonders whether virus checking is a self-perpetuating business? After all who is it keeps knocking out just enough viruses to keep the industry in business, and just underly complex enough that Norton can keep figuring them out?