Thank you very much for the reply David. I was compiling ClamAV from
source very late last night, but if I can go through apt-get, I'll
certainly do that. I'm with you, I would certainly rather catch these
on the upload than the download. I tried to talk the client into only
using a the text from the resume, which I'm going to grab and stick
into the DB anyway, but for some reason, they insist on letting people
upload.
Kindest regards,
Brandon
On Nov 13, 6:08 am, David De La Harpe Golden
<david.delaharpe.gol...@ichec.ie> wrote:
> Brandon Taylor wrote:
> > Greetings all,
>
> > My project involves uploading Word documents (resumes), and I would
> > like to be able to scan them for viruses. I've found ClamAV, but
> > installation is proving a little testy. So, I thought I'd ping the
> > community for advice. Should I even be concerned with this? My
> > deployment server is Linux, and the client is running anti virus
> > software on their PCs, which I'm sure scan downloads.
>
> > I'd appreciate your advice!
>
> I'd certainly be vaguely concerned about it.
>
> Installing clamav-daemon, clamav-freshclam, python-pyclamd etc. should
> be a straightforward "aptitude install" operation on debian at least.
>
> I'm presently using clamav via pyclamd to scan uploaded docs in django
> via a forms.FileField subclass, something along the lines of the example
> below:
>
> from django.forms import fields
>
> import pyclamd
> from pyclamd import ScanError
>
> # really this should be a setting, and of course allow network_socket
> pyclamd.init_unix_socket(filename='/var/run/clamav/clamd.ctl')
>
> class VirusScannedFileField(forms.FileField):
> default_error_messages = {
> 'virus_found': u"Warning! Warning! Uploaded File may contain a
> VIRUS! %(virus_detail)s",
> 'virus_commerr': u"Failed to contact virus scanner. Please try
> again later.",
> }
> def clean(self, data, initial=None):
> """
> Uses pyclamd to virus check an uploaded file
> """
> f = super(VirusScannedFileField, self).clean(data, initial)
> if f is None:
> return None
> elif not data and initial:
> return initial
>
> # We might have a path or we might
> # have to read the data into memory
> # FIXME: use scan_file and scan_stream as appropriate
> if hasattr(data, 'temporary_file_path'):
> buf = file(data.temporary_file_path(),'rb').read()
> else:
> if hasattr(data, 'read'):
> buf = data.read()
> else:
> buf = data['content']
> try:
> ret = pyclamd.scan_stream(buf)
> if ret:
> raise
> fields.ValidationError(self.error_messages['virus_found'] %
> {'virus_detail': ', '.join([i for i in ret.itervalues()])})
>
> except ScanError, e:
> raise
> fields.ValidationError(self.error_messages['virus_commerr'])
>
> if hasattr(f, 'seek') and callable(f.seek):
> f.seek(0)
> return f
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=.
