I love the idea of clients uploading files from their workstation to their home directory on their server. Now tht a great number of staff are working from home we would like to mitigate the risk of them uploading files with viruses on them. Has anyone integrated clamav or some other anti virus into the upload stream of OOD. Love to her about it.
Alternatively, how could I disable the upload feature to prevent uploads? Thx.
Has anyone had to address this kind of use case?
Right now you can set in /etc/ood/config/apps/files/env this:
If you try to upload a file you then will just get an error message:
I opened https://github.com/OSC/ondemand/issues/471 to track this desired feature. We are likely going to do a files app revamp in OnDemand 2.0 and this will be included as a requirement (as all the other community requested features).
Thanks for the speedy update. I’ll look forward to hearing if this feature is icluded in the v2 release of open ondemand. Thinking out aloud here but some kind of plugin that sends files up through a networded AV server service may be one way of doing this.
I’m curious how you all prevent clients from uploading files already via scp or sftp or similar? Or do you have a workflow to somehow scan those? If so, we can likely leverage that.
This was the sort of approach that I thought could be applied to OOD 1.x.x to detect a virus when staff upload from their remote computer using the “files” tool. I have never tried this but suspect there is a risk that it could slow the upload of large files down a bit.
https://github.com/ ifad / clammit
Alternatively, perhaps there is a way for scanning the file when it uploads to the TMP/buffer directory
Just some thoughts
Is there also an "FILE_DOWNLOAD_MAX=0?
- can the zero be replaced with a specific file size limit?
@christopherwelsh We have a pull request open for setting maximum upload size, here is the PR: https://github.com/OSC/ondemand/pull/502
@christopherwelsh I misunderstood your comment, I now understand that you’re asking for the file browser application to be aware of the maximum download limit.
I made an issue for this, track the progress on GitHub: https://github.com/OSC/ondemand/issues/503
On his mobile.