Thank you for your answer. But in that case, I'll have to scan the entire key. As it could take some time, I prefer the on access approach. In addition this does not detect when a virus is copied to the key after the initial scan.
On 29/06/16 01:39, Che wrote: > On Tue, Jun 28, 2016 at 6:15 AM, john doe <[email protected]> wrote: > >> I'm trying to achieve the following: auto mount USB key and detect if a >> user uploads or downloads a virus from it. >> An additional feature I can live without: access prevention upon virus >> detection. >> >> The "OnAccessIncludePath" option in clamd configuration file seems the way >> to go. The best solution we could come up is: >> - auto-mounting key in /run/media/$USER/$KEY using udisks2 >> - use homemade script (based on inotifywait) to watch the /run/media for >> new mounted media >> - when so, add mount path to "OnAccessIncludePath" and restart clamd >> service >> >> This solution has MANY caveats, namely: >> - clamd takes some times (around 10s) to start. During that time the user >> can {up,down}load viruses. >> - requires some kind of supervision, if either the homemade script or the >> clamd service crash, the solution does not work. >> - can't specify mount options with udisks2 >> >> I've stumbled upon the clamfs project which seems promising. Any advice on >> it? >> >> Do you guys have a better way of achieving my goal? >> > > > Wouldn't running these as a systemd service -- with an explicit 'path' > service written for mounting USB devices and then clamAV scanning them, > etc. -- do what you want? > > > > > > > > > > > >> >> I haven't dove in the clamd source code, but from the documentation I could >> not find a way to feed the DDD (Dynamic Directory Determination) module new >> path on the fly. >> >> Thank you for your time! >> _______________________________________________ >> Help us build a comprehensive ClamAV guide: >> https://github.com/vrtadmin/clamav-faq >> >> http://www.clamav.net/contact.html#ml >> > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
