[Building Sakai] Antivirus integration in Sakai

David Horwitz david.horwitz at uct.ac.za
Thu Jan 13 01:29:15 PST 2011 

One of the issues with this model is a workflow like assignment
submission - once a file is accepted in an assignment submission it
can't be deleted - it has to be rejected in band with the submission or
accepted and never removed.

D

On 01/13/2011 11:24 AM, Jose Rabal Sastre wrote:
>   Hi Tony, thanks for your answer.
>
> I think that move the AV scanning away from the HTTP upload is a good 
> possible solution. The file could be uploaded, scanned in a background 
> task, and deleted later if the scanning finds a virus. This would open 
> multiple Sakai possible variations like disabling the downloading of the 
> file while the process is running, show a "Scanning.." message, 
> notifying user via email on possitive with the virus name, etc.
> Maybe a new JIRA improvement can be opened.
>
> José Rabal Sastre
> University of Murcia
>
> El 12/01/2011 9:36, Tony Stevenson escribió:
>   
>> On Wed, Jan 12, 2011 at 09:14:13AM +0100, Jose Rabal Sastre wrote:
>>     
>>>    Hi All,
>>>
>>> We are evaluating the possibility of integrating ClamAV antivirus in
>>> Sakai. Initially, we are seeing that the time to upload a file is
>>> increased too much because the scan of a 6 MB file takes over a minute.
>>> The PC where we provisionally hosted the antivirus daemon is a 2.50Mhz
>>> dual core with 3 GB of RAM.
>>>       
>> José, AV clients are notorious for not being threaded.  In other words it's a one in, one out operation.
>> Also, streaming a file through an AV, during upload requires you to have a collection of machines to pass the AV off too.  If you don't want to have a queue form on a prodcution platform.
>>
>> have you considered uploading the file to a chroot type jail on the system, and scanning once on disk.  This can be a background task, and will not affect the HTTP upload, as this is what you are suffering from, you have two choices:
>>
>> 1) Extend your HTTP tcp lifetime session timeout value (dangerousm in that you can easily invoke a DoS style attack by opening lots of sessions and waiting for the longer timeout to expire)
>>
>> 2) Move the AV scanning away from the HTTP upload, like I suggest earlier.
>>
>>
>>
>>
>>     
>>> Has anyone tried to integrate ClamAV in Sakai with an acceptable
>>> performance?
>>>
>>> Thanks.
>>>
>>> José Rabal Sastre
>>> University of Murcia
>>>
>>> _______________________________________________
>>> sakai-dev mailing list
>>> sakai-dev at collab.sakaiproject.org
>>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>>>
>>> TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of "unsubscribe"
>>>       
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of "unsubscribe"
>

More information about the sakai-dev mailing list