[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Re: scan repository for viruses

From: Bob Archer <Bob.Archer_at_amsi.com>
Date: Fri, 14 Nov 2008 13:19:36 -0500

Can't you create pre-commit scripts client side to do something like
this?

-----Original Message-----
From: Andy Levy [mailto:andy.levy_at_gmail.com]
Sent: Friday, November 14, 2008 1:14 PM
To: jehan.procaccia_at_it-sudparis.eu
Cc: users_at_subversion.tigris.org
Subject: Re: scan repository for viruses

On Fri, Nov 14, 2008 at 13:01, jehan procaccia
<jehan.procaccia_at_it-sudparis.eu> wrote:
> hello,
>
> I know that some users commit files containing viruses :-(
> how can I check/scan a svn repository for viruses before the they are
spread
> on all clients updating their local files ?
>
> I know that real files /revisions are located in db/revs subdir (ei
> /svn/repos/Test-repo/db/revs), but then it's only index filenames ...
> is their a way to scan a repository on the server ?
>
> PS: I use subversion-1.4.2-2.el5 on Centos 5.2 , btw, do you recommend
an
> anti-virus under linux ?

Even when whole versions of the files are stored, I believe they're
stored compressed. You'll have to check out each revision of the
repository and scan incrementally.

But what will you do once you've found the files? Remove them with
svnadmin dump/svndumpfilter/svnadmin load?

Won't the antivirus on the desktops protect those desktops when they
perform a checkout? How did these infected files even get into the
repository in the first place? You may fix the problem "today" but
unless measures are in place, you could find yourself back in this
same position next week.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-11-14 19:20:00 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.