NYCPHP Meetup

NYPHP.org

[nycphp-talk] virus scans and php

aaron aaron at aarond.com
Wed Dec 7 15:05:11 EST 2005 

Thanks, although it does seem to just be for *nix.

 >Seriously, if embedded viruses are a problem, we're all screwed. It's
 >not irresponsible to say "not my job" in this case.

Yea I hear ya, but the boss man wants virus scan. I may have to have a 
temp wait time & directory to allow McAfee or some other crappy 
application to scan the directory before moving the files.


Aaron D.



Alberto dos Santos wrote:

> http://www.clamav.net/binary.html#pagestart
>
> It's not as straightforward as on linux, but it works.
>
> On 07/12/05, *csnyder* <chsnyder at gmail.com 
> <mailto:chsnyder at gmail.com>> wrote:
>
>     On 12/7/05, aaron <aaron at aarond.com <mailto:aaron at aarond.com>> wrote:
>     > I'm working on an Image Database where public users would submit
>     images
>     > through an html form then the images and related form info would
>     be sent
>     > to a private network. The info then goes to an Oracle db, and
>     based on
>     > the unique id's given to the records in the db I rename the
>     images and
>     > place in a temp folder.
>     >
>     > The issue of running some type of virus scan outside of php file
>     checks
>     > on the images came up in a meeting and I wasn't sure what to
>     say.  Is
>     > there some type of way a virus scan software can talk to php? Or
>     another
>     > way to handle virus scans and file uploads?
>     >
>     > We have win2k servers and PHP 4.3.1
>     >
>     > thanks,
>     > Aaron D.
>
>
>     Seems like you could pass to ClamAV for processing... except I don't
>     know if that's Linux only.
>
>     Then again, image handling libraries try very hard not to execute
>     anything embedded in the image, so your only concern is someone
>     downloading an infected image, changing the extension to .exe, and
>     then double-clicking it.
>
>     Seriously, if embedded viruses are a problem, we're all screwed. It's
>     not irresponsible to say "not my job" in this case.
>
>
>     --
>     Chris Snyder
>     http://chxo.com/
>     _______________________________________________
>     New York PHP Talk Mailing List
>     AMP Technology
>     Supporting Apache, MySQL and PHP
>     http://lists.nyphp.org/mailman/listinfo/talk
>     <http://lists.nyphp.org/mailman/listinfo/talk>
>     http://www.nyphp.org
>
>
>
>
> -- 
> Alberto dos Santos
> Consultor em TI
> IT Consultant
>
> http://www.yournway.com <http://www.yournway.com>
> A internet à sua maneira.
> The Internet your own way.
>
>------------------------------------------------------------------------
>
>_______________________________________________
>New York PHP Talk Mailing List
>AMP Technology
>Supporting Apache, MySQL and PHP
>http://lists.nyphp.org/mailman/listinfo/talk
>http://www.nyphp.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20051207/247b7dc1/attachment.html>

More information about the talk mailing list