[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Re: scan repository for viruses

From: Andy Levy <andy.levy_at_gmail.com>
Date: Fri, 14 Nov 2008 13:24:28 -0500

On Fri, Nov 14, 2008 at 13:19, Bob Archer <Bob.Archer_at_amsi.com> wrote:
> Can't you create pre-commit scripts client side to do something like
> this?

Depends on what "this" is.

To scan the file contents before they go into the repository, you'd
have to maintain a WC on the server for the whole repository (or
perform a checkout or export) and apply the diff to that WC, then run
the virus scan & check the results.

> -----Original Message-----
> From: Andy Levy [mailto:andy.levy_at_gmail.com]
> Sent: Friday, November 14, 2008 1:14 PM
> To: jehan.procaccia_at_it-sudparis.eu
> Cc: users_at_subversion.tigris.org
> Subject: Re: scan repository for viruses
>
> On Fri, Nov 14, 2008 at 13:01, jehan procaccia
> <jehan.procaccia_at_it-sudparis.eu> wrote:
>> hello,
>>
>> I know that some users commit files containing viruses :-(
>> how can I check/scan a svn repository for viruses before the they are
> spread
>> on all clients updating their local files ?
>>
>> I know that real files /revisions are located in db/revs subdir (ei
>> /svn/repos/Test-repo/db/revs), but then it's only index filenames ...
>> is their a way to scan a repository on the server ?
>>
>> PS: I use subversion-1.4.2-2.el5 on Centos 5.2 , btw, do you recommend
> an
>> anti-virus under linux ?
>
> Even when whole versions of the files are stored, I believe they're
> stored compressed. You'll have to check out each revision of the
> repository and scan incrementally.
>
> But what will you do once you've found the files? Remove them with
> svnadmin dump/svndumpfilter/svnadmin load?
>
> Won't the antivirus on the desktops protect those desktops when they
> perform a checkout? How did these infected files even get into the
> repository in the first place? You may fix the problem "today" but
> unless measures are in place, you could find yourself back in this
> same position next week.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
> For additional commands, e-mail: users-help_at_subversion.tigris.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-11-14 19:24:45 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.