[Building Sakai] Antivirus integration in Sakai

Thu Jan 13 04:34:49 PST 2011

Anyone else doing scan on write? Our filer is doing this on the sakai
content share and we haven't had any throughput issues.

On Thu, Jan 13, 2011 at 4:29 AM, David Horwitz <david.horwitz at uct.ac.za>wrote:

> One of the issues with this model is a workflow like assignment
> submission - once a file is accepted in an assignment submission it
> can't be deleted - it has to be rejected in band with the submission or
> accepted and never removed.
>
> D
>
> On 01/13/2011 11:24 AM, Jose Rabal Sastre wrote:
> >   Hi Tony, thanks for your answer.
> >
> > I think that move the AV scanning away from the HTTP upload is a good
> > possible solution. The file could be uploaded, scanned in a background
> > task, and deleted later if the scanning finds a virus. This would open
> > multiple Sakai possible variations like disabling the downloading of the
> > file while the process is running, show a "Scanning.." message,
> > notifying user via email on possitive with the virus name, etc.
> > Maybe a new JIRA improvement can be opened.
> >
> > José Rabal Sastre
> > University of Murcia
> >
> > El 12/01/2011 9:36, Tony Stevenson escribió:
> >
> >> On Wed, Jan 12, 2011 at 09:14:13AM +0100, Jose Rabal Sastre wrote:
> >>
> >>>    Hi All,
> >>>
> >>> We are evaluating the possibility of integrating ClamAV antivirus in
> >>> Sakai. Initially, we are seeing that the time to upload a file is
> >>> increased too much because the scan of a 6 MB file takes over a minute.
> >>> The PC where we provisionally hosted the antivirus daemon is a 2.50Mhz
> >>> dual core with 3 GB of RAM.
> >>>
> >> José, AV clients are notorious for not being threaded.  In other words
> it's a one in, one out operation.
> >> Also, streaming a file through an AV, during upload requires you to have
> a collection of machines to pass the AV off too.  If you don't want to have
> a queue form on a prodcution platform.
> >>
> >> have you considered uploading the file to a chroot type jail on the
> system, and scanning once on disk.  This can be a background task, and will
> not affect the HTTP upload, as this is what you are suffering from, you have
> two choices:
> >>
> >> 1) Extend your HTTP tcp lifetime session timeout value (dangerousm in
> that you can easily invoke a DoS style attack by opening lots of sessions
> and waiting for the longer timeout to expire)
> >>
> >> 2) Move the AV scanning away from the HTTP upload, like I suggest
> earlier.
> >>
> >>
> >>
> >>
> >>
> >>> Has anyone tried to integrate ClamAV in Sakai with an acceptable
> >>> performance?
> >>>
> >>> Thanks.
> >>>
> >>> José Rabal Sastre
> >>> University of Murcia
> >>>
> >>> _______________________________________________
> >>> sakai-dev mailing list
> >>> sakai-dev at collab.sakaiproject.org
> >>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> >>>
> >>> TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> "unsubscribe"
> >>>
> > _______________________________________________
> > sakai-dev mailing list
> > sakai-dev at collab.sakaiproject.org
> > http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> >
> > TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> "unsubscribe"
> >
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> "unsubscribe"
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20110113/d477cfb8/attachment.html 