chamilo-lms icon indicating copy to clipboard operation
chamilo-lms copied to clipboard
verified publisher icon chamilo

Scan files for viruses on upload

Open ywarnier opened this issue 4 years ago • 1 comments

Many institutions require any software they include to scan for viruses on uploaded files. ClamAV is an Open Source anti-virus that could be used for this. This is a composer-enabled library that allows us to use a ClamAV daemon or service for that: https://packagist.org/packages/xenolope/quahog

This scan should be implemented for any upload process (logo, stylesheets, SCORM, documents, dropbox, attachments to messages, etc).

ywarnier avatar Mar 07 '21 12:03 ywarnier

We also should keep an eye to commercial solutions like this: https://www.trendmicro.com/en_us/business/products/hybrid-cloud/cloud-one-file-storage-security.html

So somewhat API-like to say, uploads will be stored temporarily, uploaded to scanner. Then we have 2 options: If something found, delete and give user feedback/notify admin and get a backup of the upload.
Or we could let the AV solution simply do the extraction and delete process (as for zip files).

lonesomewalker avatar Apr 08 '21 19:04 lonesomewalker