Well, I understand that it won't be an easy task .
I like this one:
"Can't you just svnlook cat -t each file?"
if you have a complete command sample with a pipe to clamav , that would
same me hours searching how to do it ;-) .
The alternative of checking-out a dedicated Working Copy for scanning it
with a windows antivirus and then commit back on the server repository
only clean files seems ok to me, but what should I do with eventual
infected files ? hopefully the antivirus would remove the virus from the
infected file, and then I force a commit on it ? but how ? I have to do
a small change in it so that it get a newer revision ?
Thanks .
Andy Levy a écrit :
> On Fri, Nov 14, 2008 at 13:19, Bob Archer <Bob.Archer_at_amsi.com> wrote:
>
>> Can't you create pre-commit scripts client side to do something like
>> this?
>>
>
> Depends on what "this" is.
>
> To scan the file contents before they go into the repository, you'd
> have to maintain a WC on the server for the whole repository (or
> perform a checkout or export) and apply the diff to that WC, then run
> the virus scan & check the results.
>
>
>> -----Original Message-----
>> From: Andy Levy [mailto:andy.levy_at_gmail.com]
>> Sent: Friday, November 14, 2008 1:14 PM
>> To: jehan.procaccia_at_it-sudparis.eu
>> Cc: users_at_subversion.tigris.org
>> Subject: Re: scan repository for viruses
>>
>> On Fri, Nov 14, 2008 at 13:01, jehan procaccia
>> <jehan.procaccia_at_it-sudparis.eu> wrote:
>>
>>> hello,
>>>
>>> I know that some users commit files containing viruses :-(
>>> how can I check/scan a svn repository for viruses before the they are
>>>
>> spread
>>
>>> on all clients updating their local files ?
>>>
>>> I know that real files /revisions are located in db/revs subdir (ei
>>> /svn/repos/Test-repo/db/revs), but then it's only index filenames ...
>>> is their a way to scan a repository on the server ?
>>>
>>> PS: I use subversion-1.4.2-2.el5 on Centos 5.2 , btw, do you recommend
>>>
>> an
>>
>>> anti-virus under linux ?
>>>
>> Even when whole versions of the files are stored, I believe they're
>> stored compressed. You'll have to check out each revision of the
>> repository and scan incrementally.
>>
>> But what will you do once you've found the files? Remove them with
>> svnadmin dump/svndumpfilter/svnadmin load?
>>
>> Won't the antivirus on the desktops protect those desktops when they
>> perform a checkout? How did these infected files even get into the
>> repository in the first place? You may fix the problem "today" but
>> unless measures are in place, you could find yourself back in this
>> same position next week.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
>> For additional commands, e-mail: users-help_at_subversion.tigris.org
>>
>>
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-11-14 20:33:12 CET