You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@commons.apache.org by ma...@apache.org on 2004/10/15 06:01:09 UTC

cvs commit: jakarta-commons/fileupload/xdocs using.xml

martinc     2004/10/14 21:01:08

  Modified:    fileupload/xdocs using.xml
  Log:
  Bug #27193 - Some documentation on interaction with virus scanners.
  
  Revision  Changes    Path
  1.4       +34 -0     jakarta-commons/fileupload/xdocs/using.xml
  
  Index: using.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-commons/fileupload/xdocs/using.xml,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- using.xml	25 Feb 2004 21:07:12 -0000	1.3
  +++ using.xml	15 Oct 2004 04:01:08 -0000	1.4
  @@ -233,6 +233,40 @@
   ...]]></source>
     </section>
   
  +  <section name="Interaction with virus scanners">
  +    <p>
  +      Virus scanners running on the same system as the web container can cause
  +      some unexpected behaviours for applications using FileUpload. This section
  +      describes some of the behaviours that you might encounter, and provides
  +      some ideas for how to handle them.
  +    </p>
  +    <p>
  +      The default implementation of FileUpload will cause uploaded items above
  +      a certain size threshold to be written to disk. As soon as such a file is
  +      closed, any virus scanner on the system will wake up and inspect it, and
  +      potentially quarantine the file - that is, move it to a special location
  +      where it will not cause problems. This, of course, will be a surprise to
  +      the application developer, since the uploaded file item will no longer be
  +      available for processing. On the other hand, uploaded items below that
  +      same threshold will be held in memory, and therefore will not be seen by
  +      virus scanners. This allows for the possibility of a virus being retained
  +      in some form (although if it is ever written to disk, the virus scanner
  +      would locate and inspect it).
  +    </p>
  +    <p>
  +      One commonly used solution is to set aside one directory on the system
  +      into which all uploaded files will be placed, and to configure the virus
  +      scanner to ignore that directory. This ensures that files will not be
  +      ripped out from under the application, but then leaves responsibility for
  +      virus scanning up to the application developer. Scanning the uploaded
  +      files for viruses can then be performed by an external process, which
  +      might move clean or cleaned files to an "approved" location, or by
  +      integrating a virus scanner within the application itself. The details of
  +      configuring an external process or integrating virus scanning into an
  +      application are outside the scope of this document.
  +    </p>
  +  </section>
  +
     <section name="What's next">
       <p>
         Hopefully this page has provided you with a good idea of how to use
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org