[Building Sakai] Antivirus integration in Sakai
David Horwitz
david.horwitz at uct.ac.za
Thu Jan 13 04:55:18 PST 2011
Hi Dave,
We're running the scan on upload (since December) and haven't seen an
issue yet - its something we're monitoring as the term starts
D
On 01/13/2011 02:34 PM, Dave Ross wrote:
> Anyone else doing scan on write? Our filer is doing this on the sakai
> content share and we haven't had any throughput issues.
>
> On Thu, Jan 13, 2011 at 4:29 AM, David Horwitz
> <david.horwitz at uct.ac.za <mailto:david.horwitz at uct.ac.za>> wrote:
>
> One of the issues with this model is a workflow like assignment
> submission - once a file is accepted in an assignment submission it
> can't be deleted - it has to be rejected in band with the
> submission or
> accepted and never removed.
>
> D
>
> On 01/13/2011 11:24 AM, Jose Rabal Sastre wrote:
> > Hi Tony, thanks for your answer.
> >
> > I think that move the AV scanning away from the HTTP upload is a
> good
> > possible solution. The file could be uploaded, scanned in a
> background
> > task, and deleted later if the scanning finds a virus. This
> would open
> > multiple Sakai possible variations like disabling the
> downloading of the
> > file while the process is running, show a "Scanning.." message,
> > notifying user via email on possitive with the virus name, etc.
> > Maybe a new JIRA improvement can be opened.
> >
> > José Rabal Sastre
> > University of Murcia
> >
> > El 12/01/2011 9:36, Tony Stevenson escribió:
> >
> >> On Wed, Jan 12, 2011 at 09:14:13AM +0100, Jose Rabal Sastre wrote:
> >>
> >>> Hi All,
> >>>
> >>> We are evaluating the possibility of integrating ClamAV
> antivirus in
> >>> Sakai. Initially, we are seeing that the time to upload a file is
> >>> increased too much because the scan of a 6 MB file takes over
> a minute.
> >>> The PC where we provisionally hosted the antivirus daemon is a
> 2.50Mhz
> >>> dual core with 3 GB of RAM.
> >>>
> >> José, AV clients are notorious for not being threaded. In
> other words it's a one in, one out operation.
> >> Also, streaming a file through an AV, during upload requires
> you to have a collection of machines to pass the AV off too. If
> you don't want to have a queue form on a prodcution platform.
> >>
> >> have you considered uploading the file to a chroot type jail on
> the system, and scanning once on disk. This can be a background
> task, and will not affect the HTTP upload, as this is what you are
> suffering from, you have two choices:
> >>
> >> 1) Extend your HTTP tcp lifetime session timeout value
> (dangerousm in that you can easily invoke a DoS style attack by
> opening lots of sessions and waiting for the longer timeout to expire)
> >>
> >> 2) Move the AV scanning away from the HTTP upload, like I
> suggest earlier.
> >>
> >>
> >>
> >>
> >>
> >>> Has anyone tried to integrate ClamAV in Sakai with an acceptable
> >>> performance?
> >>>
> >>> Thanks.
> >>>
> >>> José Rabal Sastre
> >>> University of Murcia
> >>>
> >>> _______________________________________________
> >>> sakai-dev mailing list
> >>> sakai-dev at collab.sakaiproject.org
> <mailto:sakai-dev at collab.sakaiproject.org>
> >>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> >>>
> >>> TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org
> <mailto:sakai-dev-unsubscribe at collab.sakaiproject.org> with a
> subject of "unsubscribe"
> >>>
> > _______________________________________________
> > sakai-dev mailing list
> > sakai-dev at collab.sakaiproject.org
> <mailto:sakai-dev at collab.sakaiproject.org>
> > http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> >
> > TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org
> <mailto:sakai-dev-unsubscribe at collab.sakaiproject.org> with a
> subject of "unsubscribe"
> >
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> <mailto:sakai-dev at collab.sakaiproject.org>
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org
> <mailto:sakai-dev-unsubscribe at collab.sakaiproject.org> with a
> subject of "unsubscribe"
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20110113/7e6320d5/attachment.html
More information about the sakai-dev
mailing list