[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Content scanning during checkout/update

From: Toplak Daniel <D.Toplak_at_cadenas.de>
Date: Tue, 19 Jul 2011 14:06:59 +0200


I want to implement a server side scanning for malicious content in both ways: when commits arrive and when checkouts updates are send to the client.
The first way is running fine via a pre-commit hook which extracts the content from the transaction and scan the content with clamav.

My problem is to get the 2nd thing working.

I have a running version with mod_clamav (http://software.othello.ch/mod_clamav/) as an apache output filter, but this works only if I turn of the bulk updates with "SVNAllowBulkUpdates off" in the apache config.
Disadvantage of this solutions is, that the checkouts/updates are extremely slow due to the "SVNAllowBulkUpdates off"
If I omit this setting (which is the default) then the checkouts/updates are fast, but the scanning is no longer working.
Does anyone have a good idea to solve this problem?

My system:

- Debian Linux 6.0 AMD64

- Apache 2.2.16

- Subversion 1.6.12

Daniel Toplak
Received on 2011-07-19 14:11:53 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.