[clamav-users] Run script on file scanned but no virus found
Reindl Harald
h.reindl at thelounge.net
Thu Nov 2 18:47:03 UTC 2017
Am 02.11.2017 um 19:21 schrieb Chris Johnson:
> Because it takes too long to launch. Clamd called from php took about
> 5 seconds, on access detects the file in under .05seconds
no - if you fire up clamd on demand you are doing it plain wrong
clamd is designed as a long running service and clamdscan talks to the
already initaialized clamd - clamd for sure don't take 5 seconds for a
single scan, otherwise it would be not possible here to have 3
before-queue clamd (2 as spamassassin plgun via spamass-milter and 1 via
clamav-milter)
don't confuse clamscan and clamdscan
> On 2 November 2017 at 15:34, Reindl Harald <h.reindl at thelounge.net> wrote:
>>
>>
>> Am 02.11.2017 um 16:28 schrieb Chris Johnson:
>>>
>>> PHP checks for the existence for the file with (deleted) in the file
>>> name, blocks the addition of this file to our records and deletes it.
>>> Clam AV typically creates this additional file within 0.025 seconds
>>> when testing with the eicar test file
>>>
>>> Is there a way of getting clamd to run a script when a virus is not found?
>>
>>
>> why in the world don't you use clamdscan with exec() from your php-script
>> and deal with the return value instead of such constructs with race
>> conditions?
More information about the clamav-users
mailing list