Antivirus scan of files uploaded ?

[gxfab]

Hi,

I don't know if this is the right place or even if the concept is accurate. But I was wondering, does plik integrate feature like adding an antivirus to scan the uploaded files before sending them to the container configured ?

It would be great to scan files before uploading them in order to gurantee safety ?

Regards

GxFab

[camathieu]

We did some tries with ClamAV. In the end we found that it was not able to detect most Malwares uploaded to the server so we didn't pushed the effort further. What is super easy to do is to add a crontab with the anti-virus of your choice if you use the filesystem. For s3 you can use something like bucket AV. But that's not a proactive measure as the file will be uploaded successfully on the first place.

…

On Fri, Jun 9, 2023, 11:08 gxfab ***@***.***> wrote: Hi, I don't know if this is the right place or even if the concept is accurate. But I was wondering, does plik integrate feature like adding an antivirus to scan the uploaded files before sending them to the container configured ? It would be great to scan files before uploading them in order to gurantee safety ? Regards GxFab — Reply to this email directly, view it on GitHub <#483>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ABQ5XPUHTUID3WKMNX6JXG3XKLRX3ANCNFSM6AAAAAAZALYGSA> . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

[gxfab]

At this time if you use another container, you may assume a container rsync on a dedicated sandboxed environment where clamav or any other antivirus software tool can scan.

It may be a solution but it seems to me that we can't handle having three container with an entry container , a safe one and an infected one.

Am I right ?

[ediazrod]

The main issue is that clamav don't have the signatures, go this way is the best, clamav is the only opensource alternative we will figure out how to add the best signatures...

Other option is use virustotal to get the good about the file right?