Content scanning during checkout/update

From: Toplak Daniel <D.Toplak_at_cadenas.de>
Date: Tue, 19 Jul 2011 14:06:59 +0200

Hi,

I want to implement a server side scanning for malicious content in both ways: when commits arrive and when checkouts updates are send to the client.
The first way is running fine via a pre-commit hook which extracts the content from the transaction and scan the content with clamav.

My problem is to get the 2nd thing working.

I have a running version with mod_clamav (http://software.othello.ch/mod_clamav/) as an apache output filter, but this works only if I turn of the bulk updates with "SVNAllowBulkUpdates off" in the apache config.
Disadvantage of this solutions is, that the checkouts/updates are extremely slow due to the "SVNAllowBulkUpdates off"
If I omit this setting (which is the default) then the checkouts/updates are fast, but the scanning is no longer working.
Does anyone have a good idea to solve this problem?

My system:

- Debian Linux 6.0 AMD64

- Apache 2.2.16

- Subversion 1.6.12

Regards
Daniel Toplak
Received on 2011-07-19 14:11:53 CEST

This message: [ Message body ]
Next message: David Aldrich: "RE: merge --reintegrate crash"
Previous message: Stefan Sperling: "Re: merge --reintegrate crash"
Next in thread: Ryan Schmidt: "Re: Content scanning during checkout/update"
Reply: Ryan Schmidt: "Re: Content scanning during checkout/update"
Reply: Mark Phippard: "Re: Content scanning during checkout/update"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]