Scan afile for virus in ruby on rails

I don’t have any code available for you, but in short, this is the way to go: download a virus scanner you can access through the command line, like http://www.pandasoftware.com/download/linux/linux.asp, dan call it from your RoR application to scan the file. I’m not sure what RadRails has to do with this, if you’re just looking for virus protection on your development pc, installing any of the known scanners (Avast, AVG, …) will protect your pc from incoming viruses. An even better option would be to just backup your pc, wipe it clean and install Linux (or install Linux as your primary OS besides Windows) on it or buy a Mac :wink:

Best regards

Peter De Berdt

Peter Told Correctly.

1. Install an antivirus in the server. Eventhough it is linux.
2. upload the file using RoR
3. use ruby's system "command" or `command` to run the antivirus on
the uploaded file.
4. There is now to scan in the client side itself before uploading
unless the user does it manually.

I really recommend to take a look at http://www.clamav.net/ it's an
open source anti virus and I used it a lot to filter emails
attachments on smtp servers.
All what you have to do is to launch the antivirus cli command as you
would run any other o.s. command (as described at point 3 by Shrini).
The command will exit with a different exit code depending by the file
containing or not a virus. You can use this exit code to take
decisions about what to do with the file.
Clamav can run even as a daemon, but the cli command is probably a
simpler start point to call the anti virus from ruby.
On many linux distros the clamav package is already included so
apt-get/rpm commands will do the install job for you.
Obviously the virus scanning need to happen once the file is on your
server, but you can scan it imediately after the upload before
launching any other sort of processing on the file itself.
I would insert the scanning as a part of the model validation.
There's probably no way to trigger a scan client side but doesn't even
make sense, definitely you don't want to trust a client telling your
server an uploaded file is ok :wink:

Paolo