Skip to content

Commit

Permalink
#4019 - Virus Scan False Positives (#4129)
Browse files Browse the repository at this point in the history 
**Acceptance Criteria**
- [X] Investigate pdfs failing virus scanning and fix
- [X] Try to update clamav to the most updated version (nice to have)

**Notes**
MaxFiles 100 was causing issue with file being not scanned and using
ClamAV virus Database bank to not scan file.

`
MaxFiles in ClamAV's configuration refers to the maximum number of files
to be scanned within an archive, document, or any other container file.
Here's a detailed explanation:
For example:
If scanning a ZIP file containing 15,000 files with MaxFiles 10000:
Only the first 10,000 files will be scanned
The remaining 5,000 files will be skipped
If AlertExceedsMax is enabled, it will trigger a
"Heuristics.Limits.Exceeded.MaxFiles" alert
`

Update Clam AV Docker from BCGOV Repo
Link:
https://github.com/bcgov/common-hosted-clamav-service/pkgs/container/clamav-unprivileged

Demo: Manual test in Dev using Config update.

![image](https://github.com/user-attachments/assets/96635467-caf6-4db7-adc7-828567d5a963)
  • Loading branch information
@bidyashish
bidyashish authored Dec 18, 2024
1 parent 64a1504 commit 1eb9906
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion devops/helm/clam-av/_clamav/configurations/1.0/clamd.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -562,7 +562,7 @@ MaxRecursion 10
# Note: disabling this limit or setting it too high may result in severe damage
# to the system.
# Default: 10000
MaxFiles 100
# MaxFiles 10000

# Maximum size of a file to check for embedded PE. Files larger than this value
# will skip the additional analysis step.
Expand Down
2 changes: 1 addition & 1 deletion devops/helm/clam-av/_clamav/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ replicaCount: 1

image:
repository: ghcr.io/bcgov/clamav-unprivileged
tag: ca3d42f3dde3c5aa9bcab636f752119bbe6a67e8 # pragma: allowlist secret
tag: 3a352496562953dc0d371f265d122a6bc06b2b44 # pragma: allowlist secret
pullPolicy: IfNotPresent

priorityClassName: ""
Expand Down
2 changes: 1 addition & 1 deletion sources/packages/clam-av/clamd.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -562,7 +562,7 @@ MaxRecursion 10
# Note: disabling this limit or setting it too high may result in severe damage
# to the system.
# Default: 10000
MaxFiles 100
# MaxFiles 10000

# Maximum size of a file to check for embedded PE. Files larger than this value
# will skip the additional analysis step.
Expand Down

0 comments on commit 1eb9906

Please sign in to comment.