Thanks Tim for your extensive note.
________________________________
From: Tim Donohue [mailto:[EMAIL PROTECTED]
Sent: Fri 8/17/2007 9:46 PM
To: Jayan Chirayath Kurian
Subject: Re: [Dspace-tech] DSpace item submission
Jayan,
There is actually no difference between the "bitstream" in DSpace and
the original file. What actually happens is the following (as an example):
- Suppose the user uploads a PDF document into DSpace
- After the submission is completed, the PDF is stored as a bitstream in
the "Assetstore" which a random string of digits as a name (e.g.
23456789012). The file extension is actually removed as well.
- This bitstream is IDENTICAL to the original PDF. So, if you actually
ventured into the Assetstore and found that oddly named file, you could
change it's extension back to ".pdf" and successfully open it in Acrobat
Reader (or another PDF program)
So, since McAfee and other virus scan programs are NOT dependent on file
extensions, etc. the v-scan software should scan the bitstream in the
same way as the original file. So, either way, it should definitely
report if a virus exists in a bitstream.
The one thing to be careful about is what happens when a bitstream is
found to have a virus. If you virus scanner is set up to remove or
quarantine the file, then it will either remove or quarantine that
bitstream file. This will obviously cause DSpace to no longer be able
to find the file...even though all the file's metadata is still there.
There's unfortunately no easy way around this issue though. I just
have the virus scanner set up to notify me of viruses via email, and
then I'd actually try and contact the submitter to see if I can get a
virus free version of the file. (However,I've actually never run across
a virus yet)
Hopefully this helps,
-Tim
Jayan Chirayath Kurian wrote:
> Hi! Tim,
>
> I just had a chat with the system administrator here and she suggests as
> follows.
>
> ------
> "Would think the file need to be scanned before it is converted into bit
> stream format else a virus file can be converted into bit stream and
> will not be a virus file to the v-scan software right? In this case, the
> user who downloads the files eventually may get a virus."
> ------
>
> My understanding is that in DSpace documents submitted are saved as bit
> streams in the asset store directory. Could you please suggest whether
> McAfee can scan and detect virus if existing in these bit stream files.
> Your comments are welcome.
>
> Thanks,
> Jayan
>
> -----Original Message-----
> From: Tim Donohue [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, August 14, 2007 10:56 PM
> To: Jayan Chirayath Kurian
> Subject: Re: [Dspace-tech] DSpace item submission
>
> Jayan,
>
> We have McAfee LinuxShield running here on our Linux production server.
> The McAfee on-access scanner *should* automatically pick up accesses
> to the DSpace assetstore files, since the DSpace assetstore just
> consists of files on the filesystem.
>
> I should admit I'm not an expert on McAfee though, and I wasn't the one
> to install it and set it up, etc. But, I have logged into the
> LinuxShield Admin Web interface, and can see that the on-access scanner
> *does* scan files coming in/out of the assetstore when they are accessed
>
> through DSpace. They appear as actually being accessed by the user who
> you installed DSpace/Tomcat as.
>
> So, I think it's really as simple as setting up the on-access scanner,
> and making sure it is set up to scan all files under:
> [dspace]/assetstore/
> (or whereever your assetstore is located)
>
> I hope this helps!
>
> - Tim
>
> Jayan Chirayath Kurian wrote:
>> Tim,
>>
>> Regarding (1), after submitting items into DSpace, the Mcafee v-scan
>> (on-access virus scanner used here) can be enabled to scan the
> bitstream
>> files in the DSpace assetstore. Is my understanding correct? Please
>> suggest.
>>
>> I believe almost all DL tools don't have this feature yet.
>>
>> Thanks,
>> Jayan
>>
>> -----Original Message-----
>> From: Tim Donohue [mailto:[EMAIL PROTECTED]
>> Sent: Thursday, July 26, 2007 9:57 PM
>> To: Jayan Chirayath Kurian
>> Cc: [email protected]
>> Subject: Re: [Dspace-tech] DSpace item submission
>>
>> Jayan,
>>
>> There's a few options you could take:
>>
>> 1) Just have an on-access virus scanner running on the machine, and
> have
>> it scan new files for virus. This solution would not integrate into
>> DSpace at all, but it would make sure that you are virus-free.
>> Currently, this is the route we are taking at UIUC, since there's
>> nothing more integrated with DSpace, yet.
>>
>> 2) In DSpace 1.5, the Configurable Submission is being officially
>> released. As part of this, there is the new ability to reorder steps
> in
>> the submission process as well as create new custom ones (with a
> little
>> Java programming, of course). So, you could create a custom
>> non-interactive (i.e. without a user interface) submission "step"
> which
>> scans newly uploaded files for viruses. This step could report the
>> results of that virus scan to somewhere (database or session variable)
>
>> where the Verify/Review step could then inform the submitter whether
> or
>> not the file was found to contain viruses.
>>
>> I'm hoping that someone will take on #2. I admit, I've thought about
> it
>> quite a bit, but haven't had a chance to free up enough time yet to
>> implement it.
>>
>> Definitely let me know if this doesn't make sense! :)
>>
>> - Tim
>>
>> Jayan Chirayath Kurian wrote:
>>> Hi!
>>>
>>>
>>>
>>> How to make sure that the items submitted to a DSpace repository by
>>> authorized users are free from virus. Is there any way to include in
>> the
>>> submission workflow or has to be done manually. Please suggest the
>> best
>>> course of action.
>>>
>>>
>>>
>>> Thanks,
>>>
>>> Jayan
>>>
>>>
>>>
> ------------------------------------------------------------------------
> ------------------------------------------------------------------------
>> -
>>> This SF.net email is sponsored by: Splunk Inc.
>>> Still grepping through log files to find problems? Stop.
>>> Now Search log events and configuration files using AJAX and a
>> browser.
>>> Download your FREE copy of Splunk now >> http://get.splunk.com/
>>>
>>>
>>>
> ------------------------------------------------------------------------
>>> _______________________________________________
>>> DSpace-tech mailing list
>>> [email protected]
>>> https://lists.sourceforge.net/lists/listinfo/dspace-tech
>
--
========================================
Tim Donohue
Research Programmer, Illinois Digital Environment for
Access to Learning and Scholarship (IDEALS)
135 Grainger Engineering Library
University of Illinois at Urbana-Champaign
email: [EMAIL PROTECTED]
web: http://www.ideals.uiuc.edu <http://www.ideals.uiuc.edu/>
phone: (217) 333-4648
fax: (217) 244-7764
========================================
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
DSpace-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-tech
