I'm creating an upload script and want to make sure that the user isn't uploading something with a virus. Obviously there are a lot of other things to check (such as file size) but I have a question on this aspect of the upload. BTW, I've already created the script to upload the file, so that's not a problem.
It doesn't seem hard in theory. Upload the file, then run a binary like Norton Anti-Virus passing the file as an argument. Then take appropriate action based on what you get back.
My question is, is there a perl module created for this? Or do I need to install a virus detection binary and use a system command to run it? Finally, what about definition updates? How would I ensure that whatever I'm using is up to date with the current viruses out there?
I guess another question I could ask is are there a lot of linux or unix viruses out there? Any info you could give would be helpful. Thanks.
>> Or do I need to install a virus detection binary and use a system command to run it?
Yes.
>> what about definition updates?
That's a different story comparing to your original question. Yes, there is virus definition updates for most virus scanners on UNIX platform.
>> How would I ensure that whatever I'm using is up to date with the current viruses out there?
Just update the definition via a a daily or hourly cronjob. Mine is updated twice a day.
>> are there a lot of linux or unix viruses out there?
Yes. Start here -> http://qmail-scanner.sourceforge.net/ and check for Supported Virus Scanners.
Hmmm... this seems to talk only about scanning email sent to your server on an automatic basis. Am I missing something?
>> this seems to talk only about scanning email sent to your server
Not just incoming, it can be outgoing or even globally or individually.
>> Am I missing something?
Yes. All or most of the scanners support manual scanning. That said, you can use it standalone or configured it to be used with web server or mail server.
Note, I told you to check for supported virus scanners, not qmail-scanner.